Book Image

The Road to Azure Cost Governance

By : Paola E. Annis, Giuliano Caglio
Book Image

The Road to Azure Cost Governance

By: Paola E. Annis, Giuliano Caglio

Overview of this book

Cloud teams and ICT cost controllers working with Azure will be able to put their knowledge to work with this practical guide, introducing a process model for structured cost governance. The Road to Azure Cost Governance is a must-read if you find yourself facing the harsh reality of monthly cloud costs gradually getting out of control. Starting with how resources are created and managed, everything you need to know in order to track, display, optimize, rightsize, and clean up cloud resources will be tackled with a workflow approach that will leave the choice of operation to you (be it the Azure CLI, automation, logic apps, or even custom code). Using real-world datasets, you'll learn everything from basic cost management to modeling your cloud spend across your technical resources in a sustainable way. The book will also show you how to create a recursive optimization process that will give you full control of spending and savings, while helping you reserve budget for future cloud projects and innovation. By the end of this Azure book, you'll have a clear understanding and control of your cloud spend along with knowledge of a number of cost-saving techniques used by companies around the world, application optimization patterns, and the carbon impact of your cloud infrastructure.
Table of Contents (14 chapters)
1
Section 1: Cloud Cost Management
5
Section 2: Cloud Cost Savings
9
Section 3: Cost- and Carbon-Aware Cloud Architectures

Understanding how cloud billing works

This section will guide you through the most common patterns of Azure cloud billing, to be able to correctly display, analyze, and export your billing information and associate it with the relevant IT resources.

In Azure, once you have access to a portal and have privileges to create resources and objects, the billing meters start, according to a few concepts that we'll describe in this chapter, as outlined here:

  • Type of agreement with Microsoft (Enterprise Agreement (EA), Microsoft Customer Agreement (MCA), cloud solution provider (CSP), developers, and more): This is a contract signed with Microsoft that will allow you to create Azure subscriptions and cloud services within those subscriptions.
  • Services' price: The price of Azure services, along with any discount or promotion or benefit applied to services and or contracts.
  • Resource utilization (region, time, frequency, and type): This is a key concept of cloud services. Every cloud service has a different pricing scheme that depends on these variables. For example, a Virtual Machine (VM) is billed by the duration of utilization and according to the VM family and size, and it's also different for each selected region. Therefore, the final price will be defined by how much time a specific VM type in an Azure region (that is, West US) has been running. We'll be able to see practical examples in the pricing section.

The way you can use resources in Azure depends on what type of agreement you have with Microsoft, even if in the end all will be visualized through the Azure portal.

At the time of writing, there are a few different types of billing accounts, as outlined here:

  • Microsoft Online Services Program (MOSP): This type of contract can be created by signing up through the Azure website. Each subscription will have its own payment methods and monthly invoice, as shown here:
Figure 1.1 – Structure of the MOSP

Figure 1.1 – Structure of the MOSP

  • EA: This is created when your company signs an EA with Microsoft. Each agreement will have one or more enrollments where Azure subscriptions can be created. Enrollment is typically associated with a monetary commitment or pre-paid agreements that grant special discounts to companies (the agreement may drop if the customer is not consuming as promised, whereas on exceeding consumption they will get the same discounts). The invoice will be unique across the whole EA, and the payment method is defined within the EA. The structure for an EA billing account is shown in the following diagram:
Figure 1.2 – Structure of the EA

Figure 1.2 – Structure of the EA

  • Microsoft Customer Agreement (MCA): This is a customer agreement only for Azure resources, with a limit of 20 subscriptions for each profile. A diagram of this agreement is shown here:
Figure 1.3 – Structure of the MCA

Figure 1.3 – Structure of the MCA

  • Microsoft Partner Agreement (MPA): This agreement is specific to partners (CSP) so that they can manage billing for their customers. If your Azure solution is through a CSP, you will have to request specific access to be able to see the billing. In addition, please be aware that Cost Management access will display retail rates, therefore you will need to make adjustments to reflect any additional discounts or benefits for your contract.

    Important Note:

    When a customer works with the MPA, they don't own the billing account, and all the features that come with the billing account are only accessible through the CSP itself. Tasks such as creating subscriptions need to be done through the partner, as well as the responsibility of providing such features through a Cost Management Platform (CMP), as for the cloud billing access.

The following diagram shows the structure of the MPA:

Figure 1.4 – Structure of the MPA

Figure 1.4 – Structure of the MPA

Tip:

A full list of supported Microsoft Azure offers can be found here: https://docs.microsoft.com/en-us/azure/cost-management-billing/costs/understand-cost-mgt-data. Other offer types unsupported by Azure Cost Management can still benefit from this book's suggestions, provided that they can find a way of exporting their cost details.

Cost Management information can be accessed by global admin(s) and admin agents and will display the invoiced pricing for Microsoft partners and providers. This is typically then used to charge back Azure usage to customers and resellers and to view specific billing benefits (such as Partner Credit), user budgets, exports, and notifications.

End customers and resellers can only view their specific subscription(s) billing information with proper Role-Based Access Control (RBAC) access to the subscription(s) and the visibility policy enabled for the tenant: the display information can only be at retail prices.

Additional information can be found here: https://docs.microsoft.com/en-us/azure/cost-management-billing/costs/get-started-partners.

Question 1: How do I know what my billing type is?

As per the documentation at https://docs.microsoft.com/en-us/azure/cost-management-billing/manage/view-all-accounts#check-the-type-of-your-account, you can check your type of billing directly from the Azure portal's Azure Cost Management | Properties page.

Each of these billing types allows you to create Azure subscriptions, which are the largest technical repositories of resources in Azure.

You can then access billing information via several portal pages and dashboards according to the scopes you choose, as shown in the next screenshot:

Figure 1.5 – Azure portal Cost Management + Billing page

Figure 1.5 – Azure portal Cost Management + Billing page

The Azure portal Cost Management + Billing page will display a table with all the available scopes according to the following:

  • Your credentials
  • Your access permissions (identity and access management, or IAM)
  • Your company's hierarchy

For Azure plans that allow invoices to be read and downloaded, this can be done via the Azure portal through the following:

  • MOSP
  • MCA
  • MPA

Question 2: How are resources billed in Azure?

Well, the truth is that it depends on the resource and the meter category and subcategory. Also, considering the whole set of data center services, not all resources are billed: for example, a network interface card (NIC) attached to a VM is typically not billed.

Every Azure service that is billed has a metering unit that will define how the object can be considered in terms of a paid service—for example, a VM is billed according to its capacity (the VM size is the meter subcategory) and its usage frequency (VMs are billed per duration of usage). In the final monthly bill or invoice, every used Meter Category and subcategory is summed according to its usage and pricing.

Platform-as-a-Service (PaaS) services are typically billed by performance tiers—such as standard, premium, basic, and so on—depending on the type of service and the combination of resources that are included in each tier.

Let's review a few examples of how various Azure services have slightly different billing rules, as follows:

  • VMs: Azure VMs are billed per second rounded down to the last minute, but the different VM states (if the VM is starting, or doing operating system (OS) provisioning, and so on) will help you decide whether or not to pay for the VM, as explained in the following screenshot. This is important when you are switching off a VM for cost reduction (we'll learn more about this in the upcoming chapters) and must make sure you deallocate it in order to stop its billing (additional information can be found here: https://docs.microsoft.com/en-us/azure/virtual-machines/states-billing):
Figure 1.6 – VM billing states

Figure 1.6 – VM billing states

  • App Service (according to the official pricing given at https://azure.microsoft.com/en-us/pricing/details/app-service/windows/) has six different pricing plans, each with a different set of features, CPU/memory, and pricing:
    • Free
    • Shared
    • Basic (B1, B2, B3)
    • Standard (S1, S2, S3)
    • Premium (P1V2, P2V2, P3V2, P1V3, P2V3, P3V3)
    • Isolated (I1, I2, I3, I1V2, I2V2, I3V2, I1V3, I2V3, I3V3)

    The price is calculated by hours of usage, and users can add items on top of the plan, such as domain, certificate, and Secure Sockets Layer (SSL) connections. The following screenshot summarizes all the App Service available tiers and the related included features:

Figure 1.7 – App Service plans

Figure 1.7 – App Service plans

  • Other examples of pay per use are Cosmos DB and Functions. Cosmos DB (https://azure.microsoft.com/en-us/pricing/details/cosmos-db/) normalizes all database operations and offers two database models, as follows:
    • Provisioned throughput (measuring Request Units (RUs))
    • Serverless (billing RU)

    On top of it, storage must be added.

    For the serverless model, the following screenshot displays the Cosmos DB pricing for RUs:

Figure 1.8 – Cosmos DB pricing for RUs

Figure 1.8 – Cosmos DB pricing for RUs

The next screenshot shows the Cosmos DB pricing for storage consumed:

Figure 1.9 – Cosmos DB pricing for storage

Figure 1.9 – Cosmos DB pricing for storage

In addition, users must take into account backup storage, analytical storage, dedicated gateway, and multiple regions. All these configurations should be evaluated during the project design phase to better understand the impact on costs that a specific choice will have according to how that specific resource is billed.

According to its pricing rules (mentioned at https://azure.microsoft.com/en-us/pricing/details/functions/), with Azure Functions, the pay-per-use model has a number of free grants (1 million requests and 400,000 gigabytes (GB) of resource consumption) per month, and a price per execution and execution time, as displayed in the following screenshot:

Figure 1.10 – Azure Functions pay-per-use price

Figure 1.10 – Azure Functions pay-per-use price

There is also a premium plan with reserved virtual CPU (vCPU) and memory, as illustrated in the following screenshot:

Figure 1.11 – Azure Functions Premium plan

Figure 1.11 – Azure Functions Premium plan

Most of the billing categories can be summarized by service, such as Compute, Storage, Networking, Web, Databases, Identity, Security, Media, and so on, and have their own timeframe, unit, and frequency of billing metering.

Question 3: What are MACC and monetary commitment?

You might have signed with Microsoft a Microsoft Azure Consumption Commitment (MACC), a contractual agreement that upon a commitment of Azure spend, they will grant you special discounts. If your company has a MACC, it is important that you track your monthly and yearly spending against the commitment on a recurring basis, together with all other cost governance matters. This is mainly because your commitment to consuming Azure services will have an impact on the discounts and benefits from Microsoft, and its unfulfillment may have an impact on your grants.

Question 4: How do I know the cost of my Azure services?

You might have got pricing information from your partner, your Microsoft account team, or other sources of information, but for the sake of speed and comprehension, we recommend that you become fluent with using the Azure pricing calculator. This will allow for the following:

  • A better understanding of the billing metering for each service
  • An updated spending view of new objects in Azure
  • A clear spending forecast for new projects

The Azure pricing calculator can be found at https://azure.microsoft.com/en-us/pricing/calculator/.

Here is an example of how you can price a service. Let's imagine you have a very simple application that is comprised of a couple of frontend VMs and a couple of backend VMs. The requirements are very basic, as we can see here:

  • 4 cores; 16 GB RAM for the frontend VMs
  • 8 cores; 32 GB RAM for the backend VMs

The first pricing example is for frontend VMs. You choose the OS type and VM family, and enter the details on the configurator's page, as illustrated in the following screenshot:

Figure 1.12 – Adding a VM to the Azure pricing tool

Figure 1.12 – Adding a VM to the Azure pricing tool

At this point, you need to know what type of usage these VMs will endure. You can choose from the following:

  • Always on (maybe they are production VMs). In this case, 730 hours is the full month of an always-on VM. If this is the case, you will probably want to consider reservations, which we'll be able to dig deeper into in the next chapter, but for the sake of pricing, you might want to decide on a 1-year or 3-year reservation, to lower the VM price, as illustrated in the following screenshot:
Figure 1.13 – Azure VM pricing: choice of pay as you go or reservation options

Figure 1.13 – Azure VM pricing: choice of pay as you go or reservation options

  • A schedule interval—for example, Mon-Fri, 8 a.m.-8 p.m., which amounts to 12 hours, 5 days per week, for a total of 240 hours per month
  • An on-demand VM, typical of development environments, where developers or workers will switch the VM on only when using it—for example, 1 week per month, 12 hours per day, for a total of 60 hours per month

If you change the billing hours of the chosen VM, it will become clear that deciding on the usage time has a strong impact on billing at the end of the month! We'll be able to discover ways of optimizing this choice in the next chapters. The VM pricing lets you add storage options for the OS, along with any storage transactions related to Standard HDDs, as illustrated in the following screenshot:

Figure 1.14 – Azure VM price: choice of managed disks

Figure 1.14 – Azure VM price: choice of managed disks

The tool will also help you in calculating data transfer charges where applicable, as shown in the following screenshot:

Figure 1.15 – Azure VM price: bandwidth options

Figure 1.15 – Azure VM price: bandwidth options

You will then need to add any additional data disks via storage service pricing, and even with storage you will have the option of reserving capacity—we will talk about this in the next chapter. This is illustrated in the following screenshot:

Figure 1.16 – Azure storage account pricing for additional data disks

Figure 1.16 – Azure storage account pricing for additional data disks

In this section, we started with explaining the subscription hierarchy and billing of Azure, according to the contract in place with Microsoft, and then provided a brief explanation of the Azure pricing calculator, which is a very helpful tool not only to understand new project costs but also to analyze the impact of savings once the cost optimization process is in place.

Once you have organized your company's subscriptions and have access to each of them, including—where applicable—the root management group (we will work on management groups and privileges later in the book, but for now, the important information is that the cost owner should have full access to all cost-related objects in Azure), it is time for you to open the Azure portal for cost management and start looking at the billing, as we will see in the next section.