Operations Manager and Azure better together: AMGW architecture [#SYSCTR, #SCOM, #Azure]
In the first part of this blog post series I introduced the concept behind the Azure Monitoring Gateway (AMGW). This blog post will focus on what the server architecture looks like to utilize an AMGW in a variety of configurations and will discuss the monthly cost for the solution.
The architecture for using an AMGW in Operations Manager will vary depending upon the type of an environment it will be used in. From a high level, an agent is installed with an Operations Manager certificate based on the FQDN for the agent. That agent reports to a primary gateway and has a failover to a secondary gateway. Each gateway server is configured with a certificate based on the FQDN of the gateway. Each gateway server is configured to communicate with a primary management server and to fail over to a secondary management server. Each management server is configured with a certificate based on the FQDN of the management server.
The location of these various components will vary depending upon what environment it will be used in (Service Provider, Hybrid, Born-in-the-Cloud):
For a Service Provider, the servers are likely running in the customer’s data center and are represented by the "OpsMgr Agents" on the bottom left. The agents report to the Gateway servers in Azure which in turn report to the Management Server which are in the Service Provider’s data center.
In a hybrid configuration, the servers may be in Azure or in a customer data center. These agents are represented by both of the "OpsMgr Agents" in this diagram. The agents report to the Gateway servers in Azure which in turn report to the Management Server which are in the customer’s data center.
For a Born-in-the-Cloud configuration, each server is running in Windows Azure and is represented by the "OpsMgr Agents" on the left side. The agents report to the Gateway servers in Azure which in turn report to the Management Server in Azure.
What’s common to each of these?
In each of these configurations, the two gateway servers are in Azure. Additionally, the data flows from the agent to a gateway (with failover to a secondary one) and then from the gateway to the management server (with failover to a secondary one). The only real differences in each of these is where each of these Operations Manager components reside.
The data in Operations Manager flows from the agent to the gateway to the management server in this configuration. For details on the ports involved see the supported configurations document for Operations Manager 2012 R2 (http://technet.microsoft.com/en-us/library/dn249696.aspx) but the default port is 5723 with communication initiated from the agent to the gateway and from the gateway to the management server.
To estimate the cost of the AMGW’s, we can use the Windows Azure Pricing Calculator. For two small VM’s, the cost per month is approximately $135.
These could later be upgraded to Medium, Large, XL, A5, A6 and A7 depending on scalability requirements for the solution. The approximate costs for two medium virtual machines is shown below:
Bandwidth costs would also apply, a sample of this is shown below from the same calculator:
For a small scale example of this, an AMGW configured with a single agent reporting to it is generating approximately 20 mb/week (or 80 mb/month or about 1 GB a year). A screenshot below from the Azure portal for the Virtual machine shows the average outbound network statistics for this gateway.
Overall, the solution is pretty cost effective. To start with two AMGW’s in a small configuration has a cost of less than $150 a month (This is an estimate only based on sizing and estimated bandwidth requirements).
Next Steps for AMGW Architecture:
One of the next steps to consider for this architecture is the port requirements involved. Some organizations may not allow port 5723 outbound so in some environments it may be useful change the communication port from 5723 to something like 443. There is a discussion on this change to a non-standard port is available at: http://www.systemcentercentral.com/forums-archive/topic/scom-agent-and-gateway-on-non-standard-port-other-than-5723/.
The next blog post in this series will discuss steps associated with installation of the Operations Manager servers in the AMGW configuration.
Blog post series links:
The additional blog posts in the series include:
- Introducing the AMGW
- AMGW architecture
- AMGW server installation
- AMGW agent installation
- AMGW functionality