Azure Availability Zones: Achieve High Availability
One of the main reasons why organizations decide to move their resources to a cloud provider is to guarantee as much reliability and availability for their services as possible. The distribution of workloads and resources among physically separated datacenters guarantees business continuity even if the primary data center becomes temporarily unavailable. Azure Availability Zones can be employed when physical isolation is required to provide high availability to different resources over Microsoft Azure.
Azure Availability Zone Definition
Organizations deploying their resources over the Azure cloud should choose the region that best fits their needs based on different considerations such as service features and requisites, data location, compliance requirements, product pricing, and network latency.
An Azure region is a set of data centers deployed within a latency-defined perimeter and connected through a dedicated, regional low-latency network. Within each Azure region are unique physical locations called Availability Zones. Each Availability Zone is comprised of one or more data centers equipped with independent power, cooling, and networking resources.
Azure services that support Availability Zones are divided into:
- Zonal services: A resource is pinned to a specific zone.
- Zone-redundant services: Azure replicates automatically across zones. Read more about regions and services that support Availability Zones using Azure.
Why Use Availability Zones?
Availability zones protect data and applications from data center failures as there is a minimum of three separate zones in all enabled regions to achieve failover. Each separate zone has one or more datacenter, independent networking, cooling, and power; hence zone-redundant services replicate data and applications to protect from single-points-of-failure.
Datacenter failures are handled properly because the Availability Zone in Azure is a combination of a fault domain and an update domain. For example, when three or more VMs are created in an Azure region, they are distributed across three fault domains and three update domains. The Azure platform ensures that VMs in different zones are not updated at the same time.
Availability Zones Vs. Availability Sets
In addition to Availability Zones, Azure offers other high-availability options such as Availability Sets. The main difference between Availability Zones and Availability Sets is that, in terms of service continuity, Availability Zones guarantee protection against a complete data center failure, whereas Availability Sets cover only potential failures within the same data center. This means that Availability Zones encompass 99.99% of the Service Level Agreement (SLA) versus the 99.95% coverage offered by Availability Sets.
Additionally, Availability Zones support different Azure services such as virtual machines (VMs), ExpressRoutes, SQL databases, and virtual private network (VPN) gateways, while Availability Sets are designed to work only with VMs.
Zonal vs. Zone-Redundant Architecture
Azure services supporting availability zones fall into two categories: zonal and zone redundant. Customer workloads can be categorized to utilize either architecture scenario to meet application performance and durability requirements.
With zonal architecture, a resource can be deployed to a specific, self-selected Availability Zone to achieve more stringent latency or performance requirements. Resiliency is self-architected by replicating applications and data to one or more zones within the region. You can choose specific availability zones for synchronous replication, providing high availability, or asynchronous replication, providing backup or cost advantage. You can pin resources-for example, virtual machines, managed disks, or standard IP addresses to a specific zone, allowing for increased resilience by having one or more instances of resources spread across zones.
With zone-redundant architecture, the Azure platform automatically replicates the resource and data across zones. Microsoft manages the delivery of high availability since Azure automatically replicates and distributes instances within the region.
A failure to a zone affects zonal and zone-redundant services differently. In the case of a zone failure, the zonal services in the failed zone become unavailable until the zone has recovered. By architecting your solutions to use replicated VMs in zones, you can protect your applications and data from a zone becoming unavailable-for example, due to a power outage. If one zone is compromised, replicated apps and data are instantly available in another zone.
Availability Zone Set Up in Azure
To configure an Availability Zone for a VM from the Azure portal, complete the following steps:
- Log on to your Azure account.
- Add a new virtual machine through the Create a virtual machine wizard.
- Under the Basics tab, locate the Availability options field. Select Availability zone from the drop-down list. Note that not all regions support Availability Zones. If the selected Region does not support Availability Zones, the following message will be displayed: “No availability zones are available for the location you have selected”.
- Expand the Availability zone drop-down list, and select one of the numbered zones. In this example, a new virtual machine will be deployed in the East US region which offers three Availability Zones. Zone number 1 is the zone that will be configured.
- Complete the rest of the configuration fields according to your requirements, and click on the Review + create button. Once the validation process is complete, click the Create button.
- Once the deployment has been carried out, click the Go to resource button. The summary view includes information about the location and the Availability Zone of the VM.
Availability Zones can also be configured using Azure PowerShell.
High Availability and Parallels RAS
Parallels® Remote Application Server (RAS) can be deployed easily over Azure due to its prebuilt Azure virtual machine templates, simple configuration wizards, and built-in automation capabilities. Components such as High Availability Load Balancers (HALBs), Secure Client Gateways, and Publishing Agents should be duplicated to prevent any infrastructure server from becoming a single point of failure. Organizations may opt to configure Availability Zones for these components depending on the required SLA, thus increasing the reliability and availability of their Parallels RAS deployment.
Parallels RAS also provides multi-tenancy support which allows administrators to manage multiple Parallels RAS environments centrally. Additionally, Parallels RAS streamlines the onboarding processes of new customers since certain infrastructure components such as HALBs, and Secure Client Gateways can be shared among different tenants. Administrators may decide to configure these shared resources within different Availability Zones to increase the responsiveness of their Parallels RAS environment.
Like VMs, certain networking services such as Azure Firewall, Standard Load Balancer, VPN Gateway, and ExpressRoute Gateways can be configured using Availability Zones. When working with hybrid or cloud Parallels RAS deployments, administrators can guarantee a high-availability configuration not only for infrastructure servers but also for those networking resources involved.