From 9c83fa71d79e36c7e0934977b81abf7839b1fdff Mon Sep 17 00:00:00 2001 From: judyer28 Date: Wed, 16 Oct 2024 12:32:54 -0400 Subject: [PATCH 1/2] feat: Added recommendation for On-Demand Capacity Reservations for DR regions (#466) --- .../587ca3e4-113b-4c4f-b4e0-92cd8d2065b6.kql | 2 ++ .../virtualMachines/recommendations.yaml | 18 ++++++++++++++++++ 2 files changed, 20 insertions(+) create mode 100644 azure-resources/Compute/virtualMachines/kql/587ca3e4-113b-4c4f-b4e0-92cd8d2065b6.kql diff --git a/azure-resources/Compute/virtualMachines/kql/587ca3e4-113b-4c4f-b4e0-92cd8d2065b6.kql b/azure-resources/Compute/virtualMachines/kql/587ca3e4-113b-4c4f-b4e0-92cd8d2065b6.kql new file mode 100644 index 000000000..62b578dfe --- /dev/null +++ b/azure-resources/Compute/virtualMachines/kql/587ca3e4-113b-4c4f-b4e0-92cd8d2065b6.kql @@ -0,0 +1,2 @@ +// cannot-be-validated-with-arg + diff --git a/azure-resources/Compute/virtualMachines/recommendations.yaml b/azure-resources/Compute/virtualMachines/recommendations.yaml index ef4b9027c..28e541fff 100644 --- a/azure-resources/Compute/virtualMachines/recommendations.yaml +++ b/azure-resources/Compute/virtualMachines/recommendations.yaml @@ -523,3 +523,21 @@ learnMoreLink: - name: How to update the Azure Linux Agent on a VM url: "https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/update-linux-agent?tabs=ubuntu" + +- description: Reserve Compute Capacity in Disaster Recovery Regions + aprlGuid: 587ca3e4-113b-4c4f-b4e0-92cd8d2065b6 + recommendationTypeId: null + recommendationControl: Disaster Recovery + recommendationImpact: Medium + recommendationResourceType: Microsoft.Compute/virtualMachines + recommendationMetadataState: Active + longDescription: | + On-Demand Capacity Reservations ensure recovery of virtual machines in the event of a natural disaster by reserving compute capacity in advance within a specific region or zone. This guarantees that VMs have the necessary resources during disaster recovery failover events thus reducing downtime. + potentialBenefits: Guaranteed capacity in disaster recovery regions + pgVerified: true + publishedToLearn: false + automationAvailable: false + tags: null + learnMoreLink: + - name: On-demand Capacity Reservation + url: "https://aka.ms/on-demand-capacity-reservations-docs" From e04dfc5ad621bd970db30bf635ff815db0636207 Mon Sep 17 00:00:00 2001 From: Aarthi Murugan <61921020+aarthiem@users.noreply.github.com> Date: Wed, 16 Oct 2024 12:36:45 -0400 Subject: [PATCH 2/2] feat: Updates with PG verified recommendations and upgraded 3 recommendations to impact to High (#444) Co-authored-by: Eric Henry <44706965+ejhenry@users.noreply.github.com> --- .../Web/serverFarms/recommendations.yaml | 4 ++-- azure-resources/Web/sites/recommendations.yaml | 18 +++++++++--------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/azure-resources/Web/serverFarms/recommendations.yaml b/azure-resources/Web/serverFarms/recommendations.yaml index 26750673d..5bbb32913 100644 --- a/azure-resources/Web/serverFarms/recommendations.yaml +++ b/azure-resources/Web/serverFarms/recommendations.yaml @@ -46,7 +46,7 @@ longDescription: | Avoid frequent scaling up/down of Azure App Service instances to prevent service disruptions. Choose the right tier and size for the workload and scale out for traffic changes, as scaling adjustments can trigger application restarts. potentialBenefits: Minimizes restarts, enhances stability - pgVerified: false + pgVerified: true publishedToLearn: false automationAvailable: true tags: null @@ -82,7 +82,7 @@ longDescription: | Enabling Autoscale/Automatic Scaling for your Azure App Service ensures sufficient resources for incoming requests. Autoscaling is rule-based, whereas Automatic Scaling, a newer feature, automatically adjusts resources based on HTTP traffic. potentialBenefits: Optimizes resources for traffic - pgVerified: false + pgVerified: true publishedToLearn: false automationAvailable: false tags: null diff --git a/azure-resources/Web/sites/recommendations.yaml b/azure-resources/Web/sites/recommendations.yaml index 9dcdbc108..9261bbd34 100644 --- a/azure-resources/Web/sites/recommendations.yaml +++ b/azure-resources/Web/sites/recommendations.yaml @@ -20,13 +20,13 @@ aprlGuid: a7e8bb3d-8ceb-442d-b26f-007cd63f9ffc recommendationTypeId: null recommendationControl: Monitoring and Alerting - recommendationImpact: Medium + recommendationImpact: High recommendationResourceType: Microsoft.Web/sites recommendationMetadataState: Active longDescription: | Use Application Insights to monitor app performance and load behavior, offering real-time insights, issue diagnosis, and root-cause analysis. It supports ASP.NET, ASP.NET Core, Java, and Node.js on Azure App Service, now with built-in monitoring. potentialBenefits: Real-time insights and issue diagnosis - pgVerified: false + pgVerified: true publishedToLearn: false automationAvailable: false tags: null @@ -64,7 +64,7 @@ longDescription: | Creating a separate storage account for logs and not using the same one for application data prevents logging activities from reducing application performance by ensuring that the resources dedicated to handling application data are not burdened by logging processes. potentialBenefits: Improves app performance - pgVerified: false + pgVerified: true publishedToLearn: false automationAvailable: false tags: null @@ -100,7 +100,7 @@ longDescription: | Use app settings for configuration and define them in Resource Manager templates or via PowerShell to facilitate part of an automated deployment/update process for improved reliability. potentialBenefits: Enhanced reliability via automation - pgVerified: false + pgVerified: true publishedToLearn: false automationAvailable: true tags: null @@ -112,13 +112,13 @@ aprlGuid: fd049c28-ae6d-48f0-a641-cc3ba1a3fe1d recommendationTypeId: null recommendationControl: Other Best Practices - recommendationImpact: Medium + recommendationImpact: High recommendationResourceType: Microsoft.Web/sites recommendationMetadataState: Active longDescription: | Use Health Check for production workloads. Health check increases your application's availability by rerouting requests away from unhealthy instances, and replacing instances if they remain unhealthy. The Health check path should check critical components of your application. potentialBenefits: Enhanced reliability via automation - pgVerified: false + pgVerified: true publishedToLearn: false automationAvailable: true tags: null @@ -136,7 +136,7 @@ longDescription: | Use network access restrictions to define a priority-ordered allow/deny list that controls network access to your app. Web application firewalls, such as the one available in Application Gateway, are recommended for protection of public-facing web applications. potentialBenefits: Enhanced security - pgVerified: false + pgVerified: true publishedToLearn: false automationAvailable: true tags: null @@ -148,13 +148,13 @@ aprlGuid: 9e6682ac-31bc-4635-9959-ab74b52454e6 recommendationTypeId: null recommendationControl: Scalability - recommendationImpact: Medium + recommendationImpact: High recommendationResourceType: Microsoft.Web/sites recommendationMetadataState: Active longDescription: | App Service should be configured with a minimum of two instances for production workloads. If apps have a longer warmup time a minimum of three instances should be used. potentialBenefits: Improves app performace - pgVerified: false + pgVerified: true publishedToLearn: false automationAvailable: true tags: null