Cloud is good, cloud is safe, cloud is for everyone. This is true, but sometimes it is not enough for some companies.
As you probably know, Azure hosts are shared by multiple tenants, and the virtual machines are isolated by a multi-tenant hypervisor; so we have many servers, many VMs, many customers. To be honest, I don’t see a “bug” in the cloud model, but if we want to be critical, VM sizing is not flexible in some cases: I mean, I cannot increase the memory without increasing the vCPU count.
What happens if a customer needs more granularity or more security? Until now, the only option was to use another cloud vendor to meet the requirement... until now, because a couple of weeks ago Microsoft released in Preview a new service called Azure Dedicated Host, a way to run your own workloads on a “physical server” assigned to one tenant/customer.
This gives customers visibility and control over the physical hardware their virtual machines run on, and it helps address corporate compliance and regulatory requirements. A dedicated host gives you assurance that only VMs from your subscription are on the host, the flexibility to choose which VMs from your subscription are provisioned on the host, and control of platform maintenance at the host level.
Before generating false enthusiasm, bear in mind that Dedicated Host is provided as a virtualized environment that’s architected to run Azure VMs. Microsoft doesn’t offer bare metal as a service.
There are two types of host configuration:
Dedicated Host Type 1 – Based on the Intel Xeon® E5-2673 v4 (Broadwell) with 40 sockets and up to 448GB of RAM
Dedicated Host Type 2 – Based on the Intel Xeon® Platinum 8168 (Skylake) with 48 sockets and up to 144GB of RAM
The available configurations are summarized in figure 1.
To create a Dedicated Host, you first need to create a Host Group – figure 2. This is a collection of hosts, and it is very important for defining the availability of your infrastructure.
When the group is ready, you will be able to create a new dedicated host from Azure Marketplace – figure 3.
There’s not much in the wizard, because the only real choice is the Size Family; the rest of the settings are inherited from the Host Group.
After a few minutes, the infrastructure will be ready to be used.
You can deploy only supported Azure VM series on Azure Dedicated Host. The VM series and sizes depend on the Azure Dedicated Host Type. For example, on an Azure Dedicated Host Type 1, you will be able to deploy any Dsv3-Series VM size – from D2s v3 to D64s v3. For example, any of the configurations listed below are possible:
Dedicated Hosts are charged at the host level and not on the number of Azure VMs you run on the host. However, software licenses are billed separately from compute resources at a VM level based on usage. There are no upfront costs or termination fees.
Currently, Azure Dedicated Host is a pay-as-you-go service, and you only pay for what you need. This is a schema for the Windows license, but you can also deploy Linux VMs.
If you have Software Assurance, or an active subscription, for Windows Server or SQL Server, you will be able to use it to reduce the total cost. For more information about limitations and conditions, please check the FAQ page at this link: https://azure.microsoft.com/en-us/services/virtual-machines/dedicated-host/
Azure Dedicated Host is easy to configure, but your subscription may not be enabled to create the request. Because of the configuration topology, if your subscription is not set up to request the right number of vCPUs, you will receive an error message like the one in figure 8.
From Azure Cloud Shell, you can check the current limit with the cmdlet Get-AzVMUsage -Location "West Europe" (or your region).
If the value is 0 or less than 64, raise a support ticket to increase the value.
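The quota check described above can be scripted so it runs before a host request is submitted. This is an added example, not code from the original post: the function name Test-HostQuota, the name filter and the sample records are assumptions, and the "free capacity" check goes one step beyond the limit check the article describes.

```powershell
# Added example: flag vCPU quota entries too small for a dedicated host request.
# Input objects need the shape Get-AzVMUsage returns:
#   Name.LocalizedValue, CurrentValue, Limit
function Test-HostQuota {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $Usage,
        [int]    $RequiredVCpu = 64,        # threshold quoted in the article
        [string] $NameFilter   = '*vCPUs*'  # assumption: only vCPU counters matter
    )
    process {
        if ($Usage.Name.LocalizedValue -notlike $NameFilter) { return }

        $free = $Usage.Limit - $Usage.CurrentValue
        if ($Usage.Limit -lt $RequiredVCpu) {
            $action = 'Raise support ticket'            # the case the article describes
        } elseif ($free -lt $RequiredVCpu) {
            $action = 'Limit ok, free capacity short'   # added check: quota already consumed
        } else {
            $action = 'OK'
        }

        [pscustomobject]@{
            Quota  = $Usage.Name.LocalizedValue
            Limit  = $Usage.Limit
            InUse  = $Usage.CurrentValue
            Free   = $free
            Action = $action
        }
    }
}

# Constructed sample records (not real subscription data, hypothetical quota names)
$sample = @(
    [pscustomobject]@{ Name = [pscustomobject]@{ LocalizedValue = 'Example Family A vCPUs' }; CurrentValue = 0;  Limit = 0 }
    [pscustomobject]@{ Name = [pscustomobject]@{ LocalizedValue = 'Example Family B vCPUs' }; CurrentValue = 40; Limit = 100 }
    [pscustomobject]@{ Name = [pscustomobject]@{ LocalizedValue = 'Example Family C vCPUs' }; CurrentValue = 8;  Limit = 350 }
    [pscustomobject]@{ Name = [pscustomobject]@{ LocalizedValue = 'Availability Sets' };      CurrentValue = 1;  Limit = 2500 }
)
$sample | Test-HostQuota | Format-Table -AutoSize

# Against a live subscription (needs Az.Compute and a signed-in session):
# Get-AzVMUsage -Location 'West Europe' | Test-HostQuota | Where-Object Action -ne 'OK'
```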
Azure Dedicated Host is a great service for all companies that need to create a private environment, for security and compliance, or when more customization is required. Eligible customers can also use the Azure Hybrid Benefit to save money on Azure Dedicated Host deployments. Don’t forget that the service is in Preview, so many limitations are present.