Scott Hanselman

Penny Pinching in the Cloud: Lift and Shift vs App Services - When a VM in the Cloud isn't what you want

April 25, '17 Comments [26] Posted in Azure
Sponsored By

I got an interesting question today. This is actually an extremely common one so I thought I'd take a bit to explore it. It's worth noting that I don't know the result of this blog post. That is, I don't know if I'll be right or not, and I'm not going to edit it. Let's see how this goes!

The individual emailed and said they were new to Azure and said:

Question for you.  (and we may have made a mistake – some opinions and help needed)
A month or so ago, we setup a full up Win2016 server on Azure, with the idea that it would host a SQL server as well two IIS web sites

Long story short, they were mired in the setup of IIS on Win2k6, messing with ports, yada yada yada. '

All they wanted was:

  • The ability to right-click publish from Visual Studio for two sites.
  • Management of a SQL Database from SQL Management Studio.

This is a classic "lift and shift" story. Someone has a VM locally or under their desk or in hosting, so they figure they'll move it to the cloud. They LIFT the site as a Virtual Machine and SHIFT it to the cloud.

For many, this is a totally reasonable and logical thing to do. If you did this and things work for you, fab, and congrats. However, if, at this point, you're finding the whole "Cloud" thing to be underwhelming, it's likely because you're not really using the cloud, you've just moved a VM into a giant host. You still have to feed and water the VM and deal with its incessant needs. This is likely NOT what you wanted to do. You just want your app running.

Making a VM to do Everything

If I go into Azure and make a new Virtual Machine (Linux or Windows) it's important to remember that I'm now responsible for giving that VM a loving home and a place to poop. Just making sure you're still reading.

NOTE: If you're making a Windows VM and you already have a Windows license you can save like 40%, so be aware of that, but I'll assume they didn't have a license.

You can check out the Pricing Calculator if you like, but I'll just go and actually setup the VM and see what the Azure Portal says. Note that it's going to need to be beefy enough for two websites AND a SQL Server, per the requirements from before.

Pricing for VMs in Azure

For a SQL Server and two sites I might want the second or third choice here, which isn't too bad given they have SSDs and lots of RAM. But again, you're responsible for them. Not to mention you have ONE VM so your web server and SQL Server Database are living on that one machine. Anything fails and it's over. You're also possibly giving up perf as you're sharing resources.

App Service Plans with Web Sites/Apps and SQL Azure Server

An "App Service Plan" on Azure is a fancy word for "A VM you don't need to worry about." You can host as many Web Apps, Mobile Apps/Backends, Logic Apps and stuff in one as you like, barring perf or memory issues. I have between 19 and 20 small websites in one Small App Service Plan. So, to be clear, you put n number of App Services as you'd like into one App Service Plan.

When you check out the pricing tier for an App Service Plan, be sure to View All and really explore and think about your options. Some includes support for custom domains and SSL, others have 50 backups a day, or support BizTalk Services, etc. They start at Free, go to Shared, and then Basic, Standard, etc. Best part is that you can scale these up and down. If I go from a Small to a Medium App Service Plan, every App on the Plan gets better.

However, we don't need a SQL Server, remember? This is going to be a plan that we'll use to host those two websites. AND we can use the the same App Service Plan for staging slots (dev/test/staging/production) if we like. So just get the plan that works for your sites, today. Unlike a VM, you can change it whenever.

App Service Plan pricing

SQL Server on Azure is similar. You make a SQL Server Database that is hosted on a SQL Server that supports the number of Database Throughput Units that I need. Again, because it's the capital-C Cloud, I can change the size anytime. I can even script it and turn it up and down on the weekends. Whatever saves me money!

SQL Azure Pricing

I can scale the SQL Server from $5 to a month to bajillions and everything in between.

What the difference here?

First, we started here

  • VM in the Cloud: At the start we had "A VM in the Cloud." I have total control over the Virtual Machine, which is good, but I have total control over the Virtual Machine, which is bad. I can scale up or out, but just as one Unit, unless I split things up into three VMs.

Now we've got.

  • IIS/Web Server in the Cloud: I don't have to think about the underlying OS or keeping it patched. I can use Linux or Windows if I like, and I can run PHP, Ruby, Java, .NET, and on and on in an Azure App Service. I can put lots of sites in one Plan but the IIS publishing endpoint for Visual Studio is automatically configured. I can also use Git for deployment as well
  • SQL Server in the Cloud: The SQL Server is managed, backed up, and independently scalable.

This is a slightly more "cloudy" of doing things. It's not microservices and independently scalable containers, but it does give you:

  • Independently scalable tiers (pricing and CPU and Memory and disk)
  • Lots of automatic benefits - backups, custom domains, ssl certs, git deploy, App Service Extensions, and on and on. Dozens of features.
  • Control over pricing that is scriptable. You could write scripts to really pinch pennies by scaling your units up and down based on time of day or month.

What are your thoughts on Lift and Shift to IaaS (Infrastructure as a Service) vs using PaaS (Platform as a Service)? What did I forget? (I'm sure lots!)


Sponsor: Check out JetBrains Rider: a new cross-platform .NET IDE. Edit, refactor, test, build and debug ASP.NET, .NET Framework, .NET Core, or Unity applications. Learn more and get access to early builds!

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb
Tuesday, 25 April 2017 23:12:31 UTC
Wish there was a way to run an exe as a service. A recent project had us using Akka.net which doesn't play nicely with webapps due to IIS's aberrant nature. We tried using docker in Azure but there was a lot of teething problems. But at the end of the day, all we really needed was a reverse proxy (which we could get from a Web App and the ability to run a long running monitored windows/linux service. There seems to be a lot of friction just to do that.
Nick
Tuesday, 25 April 2017 23:38:53 UTC
Nick,

Akka.net works well in IIS if you register the actorSystem as a singleton. Most common, using a clustered web, service, and lighthouse setup allows you to work in a concurrent environment with the static actorSystem reference.

Petabridge has a good example of a signalr web client with a backend cluster.
Greg Engle
Tuesday, 25 April 2017 23:40:41 UTC
@Nick, maybe Azure Functions can be a solution for your scenario?
Wednesday, 26 April 2017 00:02:44 UTC
We are working on a project at the moment (medium sized ASP.NET MVC5 with SQL Server) that we are planning on hosting in Azure. We get the benefits of App Service and would like to use it rather than running a whole VM. The challenge we face is the application is content heavy and the client will be uploading many gigabytes of files (images, docs etc.) and these resources have access rules controlling who can download them. I understand the correct approach is App Service and then an Azure Storage account for the uploads. This would require us to rewrite quite a bit of code to go from the old "File.Save(path...)" to one where the save goes to the Storage account. Then the file download handlers will need a tweak to pull from the Storage account rather than the folder hierarchy on disk on the server.

So I guess the question is: can you please point us in the right direction to learn how to shift our mind set from 'old school File.Save(..)' to the new Storage based approach? Also how do we protect files so only authorised users can access them?
Jason
Wednesday, 26 April 2017 00:09:21 UTC
Let me preface this by saying I don't disagree with anything in this post. Those are some excellent suggestions for dialling back cost where there are some savings to be gained and where the full resources offered for a given plan aren't required.

I do think that Azure's pricing doesn't always scale well - especially to zones outside the US (esp NZ / Australia for me), depending on the requirements and numbers of sites you run and especially if you're wanting SSL. Funnily enough, I wrote about it a couple of months back after your earlier "penny pinching" post (which was also very useful, by the way).

I'd be interested to know if I have a reasonable argument myself or if other people outside the US have similar views. I may have completely overlooked some of the fine-tuning options available with Azure DTUs or even pricing tiers.
Wednesday, 26 April 2017 00:39:39 UTC
Hey Scott. Great post. Lots of very useful info here.

An issue I've had for awhile is when I have to create an environment with a domain controller. Usually my go-to VM template is just to take the OOTB SharePoint VM set which comes with an app/sql/ad servers. You get the whole package. It's super convenient for just about anything Windows related.

The problem is that I would rather not have to use a VM for AD. I know that there's Azure AD, but can I just create an AD Service and an app and sql server VMs and then configure those VMs to join an Azure AD domain?

Thanks in advance.
Ami Schreiber
Wednesday, 26 April 2017 00:57:52 UTC
Where can I get those app service prices? Eastern zone is around 80 bucks for a standard S1 app service when I log in and compare
Al
Wednesday, 26 April 2017 02:11:28 UTC
Would be interesting to compare performance on middle tier app service and middle tier vm. Kinda surprised paas is more expensive unless you're dynamically adjusting the plan. Personally I don't think it always makes sense migrating VM workloads from on-prem to cloud. Lift and shift as they say.. Some will argue with the cloud you're only paying for what you use vs on-prem you're paying for what you *might* need over the next 5 years (server lifecycle). I do see benefits in containerizing workloads and using microservice architecture to fully leverage the scaling and orchestration features cloud provides.
Rich
Wednesday, 26 April 2017 02:49:59 UTC
Hi Al,

These prices come with MSDN Subscription where get Azure benefits. See here for details: https://azure.microsoft.com/en-us/pricing/member-offers/msdn-benefits-details/

Best Wishes, Oleg
Wednesday, 26 April 2017 06:28:26 UTC
My experience regarding running apps on a vm vs a specific package like app service or azure db is that you get way more bang for your buck when running it on vm's. Of course in this case there is the overhead of maintaining the server.

The other thing here is that resources are so extremely limited that for a limited budget (I'm a student), I cannot get any real work done. In the end I started running vm's which run the heavy tools at a 'local' provider. This while still using azure (app service/azure db) for the pretty straightforward code 'n deploy thingies.
Wednesday, 26 April 2017 06:40:01 UTC
As much as I appreciate the Azure, and SQL Azure. I want to say that SQL Azure is minimum good if you go for S3 plan at least, anything below this just doesn't work for application with even say 2K-3K user per day. I am saying this for hand on experience. My Project never use more than 10 DTU, but queries on S2 Plan take like 20-30 secs, but on S3 they works below 1 sec for same database and same query. Though I love SQL Azure and is my best option for Database.
Sumit Gupta
Wednesday, 26 April 2017 07:20:27 UTC
In the article you say that you don't have to worry about looking after an App service like with a VM. So what happens when a critical bug is being exploited in IIS, for sake of example. How do I know when or even if that will get patched on Azure side?

Following on from the above updates can sometimes require a reboot or a restart of a service. That requires downtime be it 1 minute or longer. If this happens automagically then how do you plan for that, let you customers know?

Towards the end of the article you say "Lots of automatic benefits - backups, custom domains, ssl certs, git deploy, App Service Extensions, and on and on. Dozens of features.". How are these automatic benefits? Certainly backups maybe, but Git deploy? Nope still using SVN, App service extensions - nope have to change app, SSL certs - nope I have to switch my cert from old to new and do stuff, in other words not automatic. I guess we have different thoughts on what automatic means. To me automatic means press Go and that's it. Pretty much nothing about Azure is press go and that's it. Normal it's change how you app works, deploys, builds, source control etc... then maybe it will work.

Currently as I understand it SQL Azure doesn't support anything but the database engine side of SQL Server so SSRS, SSIS, SSAS, SQL Agent is all out the window - so if you are using any of them you're also out of luck.
Peter
Wednesday, 26 April 2017 07:30:07 UTC
I'd just add reference to web jobs and/or Azure functions. Oftentimes I find when hosting a website it's not just the site and database, sometimes there's also a need for scheduled operations, that I'd usually implement as a Windows service or just a console app running as a scheduled task. Without a VM though, of course you can't just install and run these as you would if you had full control of the server.

The introduction of the web jobs functionality though gives an effective alternative to this when using app services for website hosting.
Wednesday, 26 April 2017 10:04:30 UTC
Thanks Scott, I like this article. I was going through similar decisions recently. I am based in London, saying that because we were lucky to get increase of Azure VM cost.

I had Azure VM with SQL Server installed on it. I started deploying more ASP.NET Core Websites and while processor was OK, there was not memory enough (https://github.com/aspnet/Hosting/issues/781). This was resolved with some fixes in ASP.NET Core but still I came to the point that I need only extra 1GB of memory which in example here would mean a jump from DS1 VM for 50.59$ to DS2 101.18$, that means 1GB memory would cost you another 50.59$. Unacceptable. You would get 7GB memory and extra core which are not used, not even environment friendly.

Thinking further, I decided to get rid of SQL Server as it eats resources. I moved my databases to Azure SQL Databases which I am happy with because of all benefits Scott mentioned except one, the cost for small databases (https://feedback.azure.com/forums/217321-sql-database/suggestions/18932212-new-pricing-tiers-x-small-databases).

Moving further, databases were moved, but more ASP.NET Core websites are coming and again, I just need that one 1GB Extra memory.

That's were I started thinking about moving my VM websites to App Service Plans, where the given resources don't count your OS resources (I guess) + all the benefits Scott mentioned and I really like, including recently posted Continuous Delivery (https://blogs.msdn.microsoft.com/visualstudio/2017/04/25/automatically-build-and-deploy-asp-net-core-projects-to-azure-app-services/).

Thinking ahead, but there is still an issue, at some stage I would need an extra 1GB+ for my websites, so I would need to still double the cost to S2, and recently my websites started using free Lets's Encrypt which is easy to deploy on IIS in seconds (https://github.com/Lone-Coder/letsencrypt-win-simple) but a pain in Azure Service Plans (even there is some extension), unless I am not aware of a one click solution.

The decision was done, I had to move away from Azure VM and cannot consider Azure App Service as I cannot scale granularly Memory and Processor. I moved to UK VM Cloud provider, who offers on the top only SSDs and you can increase/decrease memory by 0.5+GB or add/remove 1+ processor. The expected cost is almost a half what I used to pay.

This is my scenario. In my scenario, this worked perfectly as I don't need the other perks of Azure as I don't use them. I simply need to run the websites. I still keep my database in Azure SQL Databases as this seems to be more beneficial than having my own SQL Server, even the databases are small and lower cost would be welcomed. I also backup my websites through Azure Files/Folder Backup.

Hope my Penny Pinching will be also helpful for the readers :)





Vaclav Elias
Wednesday, 26 April 2017 12:01:13 UTC
Great article Scott, thank you for sharing. In our company we have a couple of VMs running SharePoint Foundation apps that we are planning to move to the cloud. Can we use an app service plan or due to sharepoint we have to use VMs?
Paulo Farias
Wednesday, 26 April 2017 12:12:57 UTC
Nick-
Cloud services and azure batch do exactly what you need. Functions too but they don't work very for long running jobs on the consumption plan.

The exact use case Scott outlined in the article we've implemented with about 50 websites. The app service services on azure are awesome and easy. My only complaint is the terrible disk IO, it is so slow and any process that requires it will suffer.
Lucuma
Wednesday, 26 April 2017 12:14:21 UTC
Thanks @Greg Engle. I'll need to play around with App services some more. Perhaps I misread but in the Akka.net gitter chat people seemed to have held a quite negative view of Azure WebApps for this use case.
Nick
Wednesday, 26 April 2017 13:57:35 UTC
"it's important to remember that I'm now responsible for giving that VM a loving home and a place to poop. Just making sure you're still reading." - I am introducing this in all my presentations from now on. Brilliant!
Georgi Vajarov
Wednesday, 26 April 2017 15:45:02 UTC
I use one WebApp, an MVC project which I've set up to handle multiple domains within that web site. That is, the host in the request maps to an MVC area, so I set up an area for each website within the web project. Which allows me to host as many domains as I need.
And I use one SQL Server DB, Basic tier, and segregate different sets of data by schema (dbo, imo, ths,tht, etc).
So I can host as many data-centric websites as I want for like $20-25 per month.
These websites are not heavy use at all, but they all need to be there for various reasons.
So yeah, I like Azure for penny-pinching.
John Walters
Wednesday, 26 April 2017 17:08:20 UTC
When moving from a SQL VM to Azure SQL, make sure Azure SQL supports everything your application needs (it is NOT just a SQL Server running in Azure). In our case, our current solution uses SQL Server's Service Broker so we must continue to maintain a SQL VM since Azure SQL doesn't support service broker.
Patrick Steele
Thursday, 27 April 2017 13:17:17 UTC
The "I have between 19 and 20 small websites in one Small App Service Plan." link is broken. There's a redundant single quote at the end.
T.KH
Thursday, 27 April 2017 16:02:25 UTC
Good post Scott!

I wish App Service was cheaper for running 1 website a little bit like Heroku where it starts at $7 with SSL included with a custom domain.

There is a lot things that are not needed with the Basic and Standard plans for just a single website.

Maybe providing a smaller size VM or getting the Shared Plan out of preview and providing SSL/Custom Domain
Pierrick Ganon
Thursday, 27 April 2017 21:26:51 UTC
Hi Corstian,

For students, you can check Microsoft DreamSpark (I believe a new name is Microsoft Imagine) benefits for Azure.

See here:

1. https://azure.microsoft.com/en-us/pricing/member-offers/imagine/
2. https://imagine.microsoft.com/en-us/Catalog/Product/99

Additionally, you can active Visual Studio Dev Essentials Azure Subscription, which gives you $25/mo. For details, please see here: https://azure.microsoft.com/en-us/pricing/member-offers/vs-dev-essentials/

Full list of offers: https://azure.microsoft.com/en-us/pricing/member-offers/

And again, low rates for App Service like you can see in Scott's screenshot available for Visual Studio subscribers with additional credit of $50 - $150 per month.

https://azure.microsoft.com/en-us/pricing/member-offers/msdn-benefits-details/

Best Wishes, Oleg
Friday, 28 April 2017 08:39:57 UTC
We used App Service Plans for some websites, and while we love it technically, we think the pricing is bad:
- S2 App Service Plan with 3.5 GB RAM and 2 cores costs $148 per month.
- Linux VM with 2 cores and 3.5 GB RAM costs $55
- Windows VM with 2 cores and 3.5 GB RAM costs $84

I just don't understand why an automated VM should be almost 3x more expensive than a Linux VM.

Our best penny pinching tip for Azure is to make use of the Elastic Database pools. They have cut our SQL costs a LOT.




Sunday, 30 April 2017 02:50:22 UTC
Good post Scott. FYI you have a broken link "between 19 and 20 small websites in one Small App Service Plan" (it's got an extra apostrophe at the end). Thought you might want to fix it :)
Friday, 05 May 2017 18:04:47 UTC
Can we add Azure Container Services (ACS) in this mix? We have approx. 100 of internal .Net LOB apps. Does it make sense to use ACS or ASE or Web apps?
Thanks!
Sam
Comments are closed.

Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.