Azure Compute Gallery: A Service Tool for Replicating Operational Structure and Organisation in a Multi-Location Scenario
Imagine a business leader whose organisation has scaled over the years to, say, 6 geographical regions within Africa. The survival of a multi-location business enterprise hinges on consistent, quality service delivery across all of its locations. How do we ensure that the structure and organisational efficiency of the business's first location are replicated in the other locations where the business operates? The solution is for the business leader to replicate, or mirror, the image and the operating system of the first successful business location to the other target locations. This is only possible by using Azure Compute Gallery.
What is Azure Compute Gallery:
According to Microsoft, Azure Compute Gallery is a service that helps you build structure and organization around your Azure resources, like pre-configured images and applications. It provides global replication, versioning and grouping of resources for easier management. You can share your resources with everyone or limit sharing to different users, service principals, or AD groups within your organization. Resources can be replicated to multiple regions for quicker scaling of your deployments.
Functions and Benefits Of Azure Compute Gallery.
Scaling:
Azure Compute Gallery allows you to specify the number of replicas you want to keep. This helps in multi-VM deployment scenarios as the VM deployments can be spread to different replicas reducing the chance of instance creation processing being throttled due to overloading of a single replica. You can set a different replica count in each target region, based on the scale needs for the region. Since each replica is a copy of your resource, this helps scale your deployments linearly with each extra replica.
Global Replication:
Azure Compute Gallery also allows you to replicate your resources to other Azure regions automatically. Each image version can be replicated in different regions depending on what makes sense for your organization.
High availability of resources with Zone Redundant Storage (ZRS):
Azure Zone Redundant Storage (ZRS) provides resilience against an Availability Zone failure in the region. With the general availability of Azure Compute Gallery, you can choose to store your images in ZRS accounts in regions with Availability Zones. You can also choose the account type for each of the target regions. The default storage account type is Standard_LRS, but you can choose Standard_ZRS for regions with Availability Zones.
Other Functions and Benefits:
It allows for Versioning and grouping of resources for easier management.
Possibility of Premium storage support (Premium_LRS).
Sharing to the community, across subscriptions, and between Active Directory (AD) tenants.
With a gallery, you can share your resources with everyone, or limit sharing to different users, service principals, or AD groups within your organization. Resources can be replicated to multiple regions, for quicker scaling of your deployments.
Guidelines On How Azure Compute Gallery is Created.
Prerequisite:
1: Azure Subscription from Azure Portal.
2: Resource Group to house your compute gallery resources.
3: Virtual Machine that you intend to create images from.
Once you have all the prerequisites in place, follow these guidelines to create your Compute Gallery:
Click on the big + sign on the Azure portal.
Type Azure Compute Gallery on the search bar.
Click on Create on the Azure Compute Gallery.
Select the resource group in which the gallery will reside. Give the gallery a name and description and click next.
Click on the next button to access the Sharing method.
Step 5: Choose the sharing method based on the level of access required on the gallery from external stakeholders.
Sharing Methods:
There are 3 types of Sharing Methods on this page which are:
1: Role Based Access Control (RBAC):
RBAC is a security model used to manage access to resources within a computer system or application. It's a method of ensuring that only authorized users have access to specific resources, data, or functionalities based on their roles and responsibilities within an organization. In an RBAC system, users are assigned specific roles, and each role is associated with certain permissions or access rights.
2: RBAC + Share directly:
In some systems, you might need to extend RBAC to accommodate the concept of sharing resources with specific users who might not belong to the predefined roles. The integration of RBAC and sharing can provide a flexible access control mechanism that combines the benefits of both role-based permissions and individual resource sharing. However, this can also introduce complexities in terms of design, implementation, and maintenance. Careful planning and thorough testing are crucial to ensure that the combined system works as intended and maintains the desired security levels.
3: RBAC + share to public community gallery:
Combining Role-Based Access Control (RBAC) with a public community gallery involves integrating controlled access for users with predefined roles while allowing certain resources to be shared with the public or a broader community. By integrating RBAC with a public community gallery, you can provide a flexible and controlled environment where users can share content while maintaining the security and access control of your platform.
For this learning, we are going with the first option which is the RBAC option. Click on the RBAC option.
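To check afterwards which sharing method each gallery actually ended up with, the following added example (not part of the original post) classifies gallery records by sharing method and lists galleries shared beyond plain RBAC. It assumes records shaped like `az sig list -o json` output, where the sharing method appears as `sharingProfile.permissions` (`Private`, `Groups` or `Community`); the gallery names and IDs are constructed.

```python
import json

# Constructed sample shaped like `az sig list -o json` output; all names and IDs are
# made up. Assumption: the sharing method appears as sharingProfile.permissions.
SAMPLE_GALLERIES = json.loads("""
[
  {"name": "galleryHQ", "resourceGroup": "rg-images", "sharingProfile": null},
  {"name": "galleryPartners", "resourceGroup": "rg-images",
   "sharingProfile": {"permissions": "Groups", "groups": [
       {"type": "Subscriptions", "ids": ["00000000-0000-0000-0000-000000000001",
                                         "00000000-0000-0000-0000-000000000002"]},
       {"type": "AADTenants", "ids": ["00000000-0000-0000-0000-00000000000a"]}]}},
  {"name": "galleryPublic", "resourceGroup": "rg-demo",
   "sharingProfile": {"permissions": "Community"}}
]
""")

# permissions value -> (portal sharing method, exposure rank)
SHARING = {
    "Private": ("RBAC", 0),
    "Groups": ("RBAC + share directly", 1),
    "Community": ("RBAC + share to public community gallery", 2),
}

def classify(gallery):
    """Map one gallery record to its portal sharing method and who it is shared with."""
    profile = gallery.get("sharingProfile") or {}           # null profile: RBAC only
    permissions = profile.get("permissions") or "Private"
    if permissions not in SHARING:
        raise ValueError(f"unknown permissions value: {permissions!r}")
    option, exposure = SHARING[permissions]
    shared_with = [f"{g['type']}:{i}"
                   for g in profile.get("groups") or [] for i in g.get("ids") or []]
    return {"gallery": f"{gallery['resourceGroup']}/{gallery['name']}",
            "option": option, "exposure": exposure, "shared_with": shared_with}

def audit(galleries, max_exposure=0):
    """Galleries shared more widely than max_exposure, widest sharing first."""
    findings = [classify(g) for g in galleries]
    return sorted((f for f in findings if f["exposure"] > max_exposure),
                  key=lambda f: -f["exposure"])

if __name__ == "__main__":
    for f in audit(SAMPLE_GALLERIES):
        print(f"{f['gallery']}: {f['option']} {f['shared_with']}")
```
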
Click on next to tag the gallery accordingly and click on Review & Create.
The Configuration of the compute is valid.
Your Compute Gallery is ready. It is important to note that you can create your Compute Gallery separately as a service, just as we have done here. You can also create the Compute Gallery during the process of capturing your VM. Either way, you will arrive at the Azure Compute Gallery.
The next thing is to capture the image of the VM with the created gallery. To do this, go back to the home page and find the VM you intend to capture.
On the "Overview" page of the VM, find the "Capture" button and click it.
The process of capturing the VM has started.
Scroll down a bit and provide all the required information accordingly.
Operating System in VM Image Capturing:
Now we must know the implications and uniqueness of using a Generalized or Specialized operating system when capturing the image of a VM in a compute gallery.
Generalized Operating System:
A "generalized operating system image" refers to an image of a virtual machine that has been prepared and stripped of machine-specific information so that it can be used as a template for creating multiple instances of VMs. This process is often called "generalization" or "sysprepping" the VM image. By creating and using generalized operating system images, you can streamline the process of provisioning new VMs with consistent configurations and software setups. This is particularly useful when you need to deploy multiple VMs with the same specifications, such as in a scale-out scenario or for maintaining consistent development or testing environments.
Specialised Operating System:
A "specialized operating system image" in the context of Azure Virtual Machines (VMs) refers to an image of a VM that has been customized and configured with specific applications, settings, and configurations to serve a particular purpose. Unlike a "generalized" image, which is prepared for creating multiple instances with varying configurations, a specialized image is tailored for a specific use case or application. Specialized images are useful when you have a specific workload or application that requires a consistent and predefined environment. They allow you to quickly deploy instances with the same configuration, reducing the time and effort required to set up each VM manually.
Create VM Image Definition:
In Azure Virtual Machines (VMs), an "Image Definition" refers to a description or configuration that defines how a VM image should be created. It specifies various settings and properties that determine how the virtual machine image is constructed, including the source image, OS settings, application configurations, and more.
Versioning Of The Image:
In the context of capturing VM images on Azure, "versioning" refers to the practice of creating and managing different iterations or versions of an image. When you capture an image of a virtual machine (VM) in Azure, you can choose to create multiple versions of that image over time. Each version represents a snapshot of the VM's state, including the operating system, applications, configurations, and any customizations you've made. When capturing VM images on Azure, it's a good practice to include a version number or identifier in the image's name to help you keep track of different versions. Regularly updating your images with new versions can contribute to better management, maintainability, and reliability of your virtual infrastructure.
Replication:
In the context of capturing VM images on Azure, "replication" typically refers to the process of creating duplicate or copied images of virtual machines (VMs) in different Azure regions or storage accounts. Replication is often used for backup, disaster recovery, and redundancy purposes. It's important to note that replication is not the same as versioning. While versioning involves creating different iterations of the same image with changes over time, replication involves creating copies of the same image in different locations.
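The per-region replica count and storage account type described above can be checked on a published image version. This added example (not part of the original post) resolves each target region's settings and warns where a zone-capable region is not on Standard_ZRS or has too few replicas. It assumes a record shaped like `az sig image-version show -o json`, that regions without their own values fall back to the version-level ones, and that the caller supplies the list of regions with Availability Zones; the sample values are constructed.

```python
import json

# Constructed sample shaped like `az sig image-version show -o json`; values are made up.
SAMPLE_VERSION = json.loads("""
{"name": "1.0.0",
 "publishingProfile": {
   "replicaCount": 1,
   "storageAccountType": "Standard_LRS",
   "targetRegions": [
     {"name": "South Africa North", "regionalReplicaCount": 3,
      "storageAccountType": "Standard_ZRS"},
     {"name": "West Europe", "regionalReplicaCount": 2},
     {"name": "southafricawest"}
   ]}}
""")

def norm(region):
    """'West Europe' and 'westeurope' name the same region."""
    return region.replace(" ", "").lower()

def replication_plan(version):
    """Per-region replica count and storage type, with version-level fallbacks (assumed)."""
    profile = version.get("publishingProfile") or {}
    default_count = profile.get("replicaCount") or 1
    default_storage = profile.get("storageAccountType") or "Standard_LRS"
    plan = {}
    for region in profile.get("targetRegions") or []:
        plan[norm(region["name"])] = {
            "replicas": region.get("regionalReplicaCount") or default_count,
            "storage": region.get("storageAccountType") or default_storage,
        }
    return plan

def lint(version, zone_regions, min_replicas=1):
    """Warn on non-ZRS storage in zone-capable regions and on too few replicas."""
    zones = {norm(r) for r in zone_regions}   # caller-supplied list, an assumption here
    warnings = []
    for region, cfg in sorted(replication_plan(version).items()):
        if region in zones and cfg["storage"] != "Standard_ZRS":
            warnings.append(f"{region}: {cfg['storage']} in a region with Availability Zones")
        if cfg["replicas"] < min_replicas:
            warnings.append(f"{region}: {cfg['replicas']} replica(s), need {min_replicas}")
    return warnings

if __name__ == "__main__":
    for line in lint(SAMPLE_VERSION, ["South Africa North", "West Europe"], min_replicas=2):
        print(line)
```
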
Once you click create, the system will automatically shut down the VM while it creates the VM image, and you will receive a notification to this effect.
The Compute gallery is successfully created.
Conclusion:
I hope that you enjoyed every bit of this learning. I am also delighted to be your partner in this learning. Let us do it together again in the next edition of the Tech Merchant blog. Until then, be great.
Written by
Ezekiel Adesanya
A strategic senior product and solution manager with proven accomplishments in driving growth and increasing business revenue with a proven history of driving product development and awareness which is illustrated in over 10 years of success within the product development and sales landscape in the Financial and Information Technology (IT) space in Nigeria.