There are two ways to go about this. One is to place the VMs in different availability zones (different datacenters in the region) and the other is availability sets which separate VMs on different hardware and in different maintenance groups - within the same physical datacenter.
An availability set is the combination of a fault domain (which is separate physical hardware within a given datacenter) and an update domain (specifies logical groups of hardware to avoid downtime during planned or unplanned MS maintenance, se here).
Availability set
The order in which you create the availability set is the following:
- First you create the availability set
- Then you create the individual VMs - and the important part is that the availability set has to be specified/set during VM creation using a parameter (AvailabilitySetName). If the VM has already been created without this parameter, then it cannot be added to the availability set later
If you are creating the VMs in PowerShell from scratch an not using the "New-AzVMConfig" cmdlet to specify VM settings in your script, then you can follow this MS guide. However, if you're using "New-AzVMConfig" then it has to be done slightly differently.
Create availability set
# Variables
$ResourceGroupName = "myRG"
$LocationName = "westeurope"
$AvailSetName = "AvailabilitySetAD01"
New-AzAvailabilitySet `
-Location $LocationName `
-Name $AvailSetName `
-ResourceGroupName $ResourceGroupName `
-Sku aligned `
-PlatformFaultDomainCount 2 `
-PlatformUpdateDomainCount 2
This creates the availability set with two fault domains and two update domains. In West Europe you can have up to three fault domains.
To create the VMs, make sure that the following lines are set in the script (copy/paste the snippet to get all the code):
$AvailSetName = "AvailabilitySetAD01"
# Get the availability set for domain controllers
$AvailSet = Get-AzAvailabilitySet -ResourceGroupName $ResourceGroupName -AvailabilitySetName $AvailSetName
# Create new VM config object and add it to the availability set
$VirtualMachine = New-AzVMConfig -VMName $VMName -VMSize $VMSize -AvailabilitySetID $AvailSet.Id
An example of a full VM script including the above three lines can be seen below. If using this in its entirety, make sure that the resource groups, key vault, and storage group are created in advance (or not use the specific parts about key vault and boot diagnostics).
# Update these variables:
# Update to correct RG name
$ResourceGroupName = "ad-RG"
$Vnetrgname = "vnet-RG"
$rgLogmon = "logmon-RG"
$secrgname = "sec-RG"
$ComputerName = "myServer01" # Change this!
$VMName = "myServer01" # Change this!
$VMSize = "Standard_B2s"
$Vnetname = "MYvnet"
$SubnetName = "MyZone01"
$Disksize = "128"
$OSDiskName = $($VMName) + '-disk01'
$Publisher = "MicrosoftWindowsServer"
$Offer = "WindowsServer"
$Sku = "2019-Datacenter"
$DiskType = "StandardSSD_LRS"
$PrivateIP = "192.168.1.10" # Change this!
$stgaccountname = "myStorageAccount"
$kvname = "MyKV"
$secretname = "localadmpwd"
$AvailSetName = "AvailabilitySetAD01"
# Do not update these variables
$VMLocalAdminUser = "localadmin"
# Will prompt for password during deploy
#$VMLocalAdminSecurePassword = ConvertTo-SecureString -AsPlainText -Force
# Will get password from text file
#$VMLocalAdminSecurePassword = Get-Content ./vmos-sec-key.txt | ConvertTo-SecureString -AsPlainText -Force
# Will retrieve passwd from key vault
$VMLocalAdminSecurePassword = (Get-AzKeyVaultSecret -vaultName $kvname -name $secretname).SecretValueText | ConvertTo-SecureString -AsPlainText -Force
$LocationName = "westeurope"
$NICName = $($VMName) + '-nic01'
$OSDiskName = $($VMName) + '-OsDisk01'
Write-Host "Creating variables at $(Get-Date)"
# Get existing Vnet
$Vnet = Get-AzVirtualNetwork -Name $Vnetname -ResourceGroupName $Vnetrgname
# Get existing subnet
$Subnet = Get-AzVirtualNetworkSubnetConfig -Name $SubnetName -VirtualNetwork $Vnet
# Set static private IP address
$IPconfig = New-AzNetworkInterfaceIpConfig -Name "IPConfig1" -PrivateIpAddressVersion IPv4 -PrivateIpAddress $PrivateIP -SubnetId $Subnet.Id
# Create a new NIC for the VM and associate the private IP
$NIC = New-AzNetworkInterface -Name $NICName -ResourceGroupName $ResourceGroupName -Location $LocationName -IpConfiguration $IPconfig -Force
# Create credentials object
$Credential = New-Object System.Management.Automation.PSCredential ($VMLocalAdminUser, $VMLocalAdminSecurePassword);
# Get the availability set for domain controllers
$AvailSet = Get-AzAvailabilitySet -ResourceGroupName $ResourceGroupName -AvailabilitySetName $AvailSetName
# Create new VM config object and add it to the availability set
$VirtualMachine = New-AzVMConfig -VMName $VMName -VMSize $VMSize -AvailabilitySetID $AvailSet.Id
# Set OS type and OS name and add to VM config object
$VirtualMachine = Set-AzVMOperatingSystem -VM $VirtualMachine -Windows -ComputerName $ComputerName -Credential $Credential -ProvisionVMAgent -EnableAutoUpdate
# Associate the NIC with the VM config object
$VirtualMachine = Add-AzVMNetworkInterface -VM $VirtualMachine -Id $NIC.Id
# Specify OS type for the VM config object
$VirtualMachine = Set-AzVMSourceImage -VM $VirtualMachine -PublisherName $Publisher -Offer $Offer -Skus $Sku -Version latest
# Set disk size in GB
$VirtualMachine = Set-AzVMOSDisk -VM $VirtualMachine -DiskSizeInGB $Disksize -Name $OSDiskName -StorageAccountType $DiskType -CreateOption FromImage
# Set storage account for boot diagnostics (udpate line below)
$VirtualMachine = Set-AzVMBootDiagnostic -VM $VirtualMachine -Enable -ResourceGroupName $rgLogmon -StorageAccountName $stgaccountname
Write-Host "Creating new VM...(this can take 10+ minutes). Starting at $(Get-Date)"
# Create the VM using VM config object
New-AzVM -ResourceGroupName $ResourceGroupName -Location $LocationName -VM $VirtualMachine -Verbose
Write-Host "VM created"
Write-Host
Write-Host "Script done at $(Get-Date)"
Write-Host
When done, it will look like below in the portal:
Availability zones
In regions that support availability zones (e.g. West Europe), there can be up to three logical zones - named 1, 2, and 3 that each represent one physical datacenter (Microsoft states that a zone may be more than one DC but does not promise this, so we assume a zone is one DC).
Zone numbering is only consistent within a subscription, so you cannot rely on e.g. Zone 1 being the same physical location if deploying in different subscriptions.
According to MS documentation, there are two types of availability zones services:
- Zonal services – where a resource is pinned to a specific zone (for example, virtual machines, managed disks, Standard IP addresses), or
- Zone-redundant services – when the Azure platform replicates automatically across zones (for example, zone-redundant storage, SQL Database).
So for VMs one can pin or specify a zone for a VM using zonal services. This has to be done during deployment and cannot be change or updated after deploy. If nothing is specified, the Zone value will be empty you will not be in control of or be able to view zone placement.
If deploying with PowerShell, the '-Zone' parameter has to be used with a value of 1, 2, or 3. See example below:
# Create a virtual machine configuration
$vmConfig = New-AzVMConfig -VMName myVM -VMSize Standard_DS1_v2 -Zone 2 | `
Set-AzVMOperatingSystem -Windows
-ComputerName myVM -Credential $cred | `
Set-AzVMSourceImage
-PublisherName MicrosoftWindowsServer -Offer WindowsServer `
-Skus 2016-Datacenter -Version latest | Add-AzVMNetworkInterface -Id $nic.Id
To add a managed disk to a specific zone, the same same -Zone parameter should be used, se here.
If deploying via the portal there is a redundancy option where you choose availability zone and zone number, see below:
It should be noted that there is a cost associated with datatransfer in and out of zones. But placing a VM in a zone does not have a cost on its own.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.