ADFS on Azure Virtual Machines (part 2)

Now that we have our VPN between Azure and our on-premises environment up and running (see part 1), we can move forward with creating the needed virtual machines to support our solution. (Links to other articles in the series are in the conclusion.)

Azure Virtual Machines, Affinity Groups, and Availability Sets

Affinity Groups and Virtual Networks

Azure allows us to use Affinity Groups to insure that our services reside within the same data center cluster. This improves performance by eliminating the latency caused by inter-cluster communications and also potentially reduces cost by allowing for the use of cache and local storage calls. Since all of our Virtual Machines will be on one Virtual Network, and since a given Virtual Network can be associated with only one Affinity Group, all of our Virtual Machines will be in the same Affinity Group.

Availability Sets

Availbilty Sets help to protect nodes (Virtual Machines in our case) from single points of failure. Availability Sets utilize both Fault Domains and Update Domains to accomplish this. When we add two Virtual Machines to an Availability Set, they will be placed into two different Fault Domains. That placement insures that the machines will run on separate racks of physical server hosts and that they will utilize separate network switches. Sharing an Availability Set will also place the Virtual Machines into separate Update Domains. This placement insures that maintenance/updates to the underlying host clusters will be performed at different times. Thus, by adding our nodes to an Availability Set, they should not go down for hardware failure nor for scheduled maintenance at the same time. The use of multiple nodes protected by an Availability Set in a service is required to qualify for Azure's SLA.

Read more ...

Published on May 6, 2013 at 2:26 pm | | 0 Comments

Filed under Virtual Machines, Azure, ADFS