Hey Friends, In this article series, I am aiming to touch on edge spots in the new Azure Virtual Network Manager. Many organizations are running their services on Azure and having multiple virtual networks in single or multiple subscriptions. There are different ways on Azure Infrastructure that communicate between Virtual Networks, such as Hub and Spoke or Mesh topology.
π Introducing Azure Virtual Network Manager (AVNM)β
Azure Virtual Network Manager (AVNM) is a new feature and is in preview now. AVNM is a single pane of glass for your environment that solves the connectivity and management complexity if you have multiple Virtual Networks in your organization.
Platform/Network Engineers challenge with network management on Azure Landing Zones.
- π Engineering effort and overhead for managing multiple Virtual Networks
- π Handling virtual networks at scale
- π Providing self-service and self-healing (broken peering etc) capability
β‘Is this paid service ?β
Azure Virtual Network Manager will cost you per subscription. For each subscription managed by Azure Virtual Network Manager(AVNM), you will be bound to pay $0.10 per month.
π What regions are available in public preview?β
- North Central US
- South Central US
- West US
- West US 2
- East US
- East US 2
- Canada Central
- North Europe
- West Europe
- UK South
- Switzerland North
- Southeast Asia
- Japan East
- Japan West
- Australia East
- Central India
π§βπ» You should know, before you start to use AVNMβ
Virtual Network can managed by multiple Azure Virtual Network Managers?
- Yes, virtual network can belong to multiple Azure Virtual Network Managers
Can we deploy Azure Virtual Network Manager via ARM, BiCep or Terraform?
- We are able to deploy Azure Virtual Network Managers and its components via BiCep, ARM and Terraform(AzApi)
Can we manage Azure Virtual Network Manager via Azure CLI and Azure PowerShell?
- It is fully supported in Azure PowerShell Module and Azure CLI. You might want to build automation by using them.
Does Azure Virtual Network Manager govern cross-tenant VNETs?
- I believe this will be supported from Azure Virtual Network Manager. In the Public Preview, it is not supported.
π Use cases for Azure Virtual Network Managersβ
Imagine that you manage multiple virtual networks across your organization's subscriptions; you can apply connectivity configurations to set up automatically a Mesh or Hub-and-spoke network at scale. You don't need to tackle managing virtual network peerings anymore. You might see the latency if you are using Hub and Spoke topology and traversing traffic between virtual networks from Microsoft Enterprise Edge (MSEE) routers to your Virtual Networks. With Azure Virtual Network Manager, you can create a mesh network between your virtual networks so that you can reduce latency.
At scale, you can apply/append rules for Network Security Groups so you can deny/block high-risk traffic.
Allowing Shared services traffic: You can have shared services in your environment, Azure Virtual Network manager can help you to permit traffic on Network Security Groups for your platform services.
Before you start to use Azure Virtual Network Manager, you need to have Azure PowerShell Module installed on your machine.
I will mainly use Azure PowerShell Module to create the Azure Virtual Network Manager instance and its sub-components.
Please be ready to use Azure PowerShell Module.
π§
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force
# You can also use Azure Cloud Shell