
Azure provider design implementation notes

Andrew Wilkins edited this page Oct 30, 2015 · 8 revisions

This page describes the Azure provider.

Azure currently has two "stacks": Service Management ("classic"), and Resource Manager ("ARM"). We talk here mostly about the ARM stack, which is replacing the classic stack. Juju has support for the legacy/classic stack, but it is in maintenance-only mode, and any new environments will be ARM-based.

Resource Groups

Azure has a concept of "resource groups", which are containers for IaaS resources: machines, networks, disks, etc. Each Juju environment -- including hosted environments -- is represented by a resource group. Resource group names must be unique within the subscription; we use the naming scheme "juju--environment-".

Some resources are shared by environments, and these are contained within the "controller resource group" -- the resource group that holds the bootstrap/controller environment. In particular, all machines managed by a controller are connected to a single "internal" virtual network, and that virtual network (vnet) lives in the controller resource group. Each environment is given its own subnet, but the subnets also live in the controller resource group; it is a restriction of the Azure network model that a subnet must be in the same resource group as its vnet. Note that subnets within one vnet can reach each other by default, so isolation between environments sharing a controller depends on their network security group rules, not on the subnet boundary.

To destroy an environment we must delete the environment's resource group (which removes the machines and NICs attached to its subnet) and then delete the environment's subnet from the controller resource group; Azure refuses to delete a subnet while NICs are still attached to it.

Networking

Each controller manages a single vnet for internal communications, which uses the 10.0.0.0/8 address space. Each environment is assigned a /16 out of it -- 10.0.0.0/16, 10.1.0.0/16, etc. -- according to availability, so a single controller can hold at most 256 environments before the address space is exhausted.
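An allocator for the scheme above, written as an added example for this page rather than taken from Juju's Azure provider: it hands out the lowest free /16 inside 10.0.0.0/8, rejects recorded subnets that are not /16s inside the vnet, and fails once all 256 /16s are taken. The lowest-free policy is an assumption; the page only says "according to availability".

```go
package main

import (
	"fmt"
	"net"
)

// internalVNet is the address space of the controller's internal vnet (from the page).
const internalVNet = "10.0.0.0/8"

// NextEnvironmentSubnet returns the lowest /16 inside internalVNet that is not
// already listed in used (the CIDRs of subnets assigned to other environments).
// Illustrative allocator written for this page, not Juju's code: "according to
// availability" is modelled here as "lowest free /16" (assumption).
func NextEnvironmentSubnet(used []string) (string, error) {
	_, vnet, err := net.ParseCIDR(internalVNet)
	if err != nil {
		return "", err
	}
	taken := make(map[string]bool, len(used))
	for _, u := range used {
		_, n, err := net.ParseCIDR(u)
		if err != nil {
			return "", fmt.Errorf("bad subnet %q: %w", u, err)
		}
		// Refuse anything that could not have been allocated by this scheme:
		// a stray /24, or a prefix outside the vnet, indicates corrupted state.
		if ones, _ := n.Mask.Size(); ones != 16 || !vnet.Contains(n.IP) {
			return "", fmt.Errorf("subnet %q is not a /16 inside %s", u, internalVNet)
		}
		taken[n.String()] = true // n.String() is the masked network, e.g. 10.1.0.0/16
	}
	// 10.0.0.0/8 contains exactly 256 /16s: 10.0.0.0/16 .. 10.255.0.0/16.
	for second := 0; second < 256; second++ {
		candidate := fmt.Sprintf("10.%d.0.0/16", second)
		if !taken[candidate] {
			return candidate, nil
		}
	}
	return "", fmt.Errorf("no free /16 left in %s", internalVNet)
}

func main() {
	// Constructed sample state: two environments already exist, with a gap.
	used := []string{"10.0.0.0/16", "10.2.0.0/16"}
	next, err := NextEnvironmentSubnet(used)
	fmt.Println(next, err)
}
```

Because the vnet is shared by every environment of a controller, the subnet list passed in must come from the controller resource group, not from the environment being created.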

Each environment is also given its own network security group (NSG), which holds the firewall rules for the environment. Subscriptions are limited to 100 network security groups by default, so there is a default limit of 100 environments per subscription. This limit can be raised by contacting Microsoft Azure support.

Each machine is created with a single NIC, attached to the environment's internal subnet. Each NIC also has a public IP assigned, so every machine is reachable from the Internet subject only to the environment's NSG rules. We may want to assign public IPs only to controllers by default, and defer assignment of a public IP to a machine until one of its ports is exposed (deleting the public IP again once all of its ports are unexposed), so that an unexposed machine has no Internet-facing address at all.
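The expose-driven proposal in the previous paragraph, modelled as an added example (not the provider's code): a desired-state function that, given whether a machine is a controller and which ports its units have exposed, yields the NSG inbound rules and whether the machine should hold a public IP. It generates only Allow rules and relies on Azure's built-in DenyAllInBound rule (priority 65500) for everything else. The controller API port 17070 and the priority band starting at 200 are assumptions made for the example.

```go
package main

import (
	"fmt"
	"sort"
)

// SecurityRule is the subset of an Azure NSG inbound rule this example models.
// Lower Priority wins; Azure's built-in DenyAllInBound sits at 65500, so an
// environment only needs explicit Allow rules for what it wants reachable.
type SecurityRule struct {
	Name         string
	Priority     int
	Access       string // "Allow" or "Deny"
	Protocol     string // "Tcp", "Udp" or "*"
	SourcePrefix string // "VirtualNetwork", "Internet" or a CIDR
	DestPort     string
}

// MachineNetwork is the desired network state for one machine: its NSG
// inbound rules and whether it should hold a public IP at all.
type MachineNetwork struct {
	Rules    []SecurityRule
	PublicIP bool
}

// Assumed values, not taken from the page: the controller API port and the
// priority band used for generated rules.
const (
	assumedAPIPort = 17070
	basePriority   = 200
)

// DesiredMachineNetwork derives the network state for a machine from whether
// it is a controller and which ports are exposed. It models the page's
// proposal: a non-controller machine gets a public IP only while at least one
// port is exposed, and loses it again once everything is unexposed.
func DesiredMachineNetwork(isController bool, exposedPorts []int) MachineNetwork {
	m := MachineNetwork{}
	// Intra-vnet traffic is always allowed: every machine of every
	// environment sits on a subnet of the same controller-owned vnet.
	m.Rules = append(m.Rules, SecurityRule{
		Name: "allow-internal", Priority: basePriority, Access: "Allow",
		Protocol: "*", SourcePrefix: "VirtualNetwork", DestPort: "*",
	})
	ports := uniqueSorted(exposedPorts)
	if isController {
		// Controllers must be reachable by clients, so they always keep a
		// public IP and allow SSH plus the (assumed) API port from the Internet.
		ports = uniqueSorted(append(ports, 22, assumedAPIPort))
	}
	for i, p := range ports {
		m.Rules = append(m.Rules, SecurityRule{
			Name: fmt.Sprintf("allow-internet-%d", p), Priority: basePriority + 1 + i,
			Access: "Allow", Protocol: "Tcp", SourcePrefix: "Internet", DestPort: fmt.Sprint(p),
		})
	}
	m.PublicIP = isController || len(ports) > 0
	return m
}

// InternetPorts lists the destination ports allowed from the Internet prefix,
// which is what a reviewer would diff against the expose list.
func InternetPorts(m MachineNetwork) []string {
	var out []string
	for _, r := range m.Rules {
		if r.SourcePrefix == "Internet" && r.Access == "Allow" {
			out = append(out, r.DestPort)
		}
	}
	return out
}

// uniqueSorted drops duplicates and out-of-range ports and sorts ascending,
// so rule names and priorities are deterministic across reconciliations.
func uniqueSorted(ports []int) []int {
	seen := map[int]bool{}
	var out []int
	for _, p := range ports {
		if p > 0 && p <= 65535 && !seen[p] {
			seen[p] = true
			out = append(out, p)
		}
	}
	sort.Ints(out)
	return out
}

func main() {
	// Constructed cases: a controller, an unexposed machine, an exposed web unit.
	for _, tc := range []struct {
		controller bool
		ports      []int
	}{{true, nil}, {false, nil}, {false, []int{443, 80, 80}}} {
		m := DesiredMachineNetwork(tc.controller, tc.ports)
		fmt.Printf("controller=%v exposed=%v -> publicIP=%v internet=%v\n",
			tc.controller, tc.ports, m.PublicIP, InternetPorts(m))
	}
}
```

Computing the full desired state from the expose list, rather than adding and removing rules incrementally, is what makes "delete the public IP when all ports are unexposed" fall out naturally: unexpose simply re-runs the function with a shorter list.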

Availability Sets

Each service deployed to an environment creates an "availability set" for that service. When a machine is created to host a unit of the service, the machine joins that availability set. Azure ensures that machines in an availability set are (a) not rebooted at the same time for planned maintenance (e.g. infrastructure upgrades); and (b) placed on separate fault domains (redundant hardware), so that a single hardware fault does not bring down all units of the service simultaneously.

Availability sets are similar to "availability zones" in AWS and elsewhere, but dissimilar enough that they do not fit into Juju's abstraction of zones. In particular, a charm cannot query which "zone" its machine is in on Azure, since an availability set is a property of the service's machine placement rather than a named location.
