Azure Dedicated Host
Azure is a shared-resource computing platform, so by default any VMs you create run on a multi-tenant platform: you share the underlying physical virtualization hosts with other tenants (organizations). However, your VMs and their workloads are isolated from other workloads on other VMs.
As an analogy, you may have your own individual hotel room, but you share the hotel building itself with others; each person has their own dedicated front door to their own room, but you all share the same corridor, stairs, lifts, restaurant, lobby, front entrance, car park, and so on.
However, Azure Dedicated Host changes that model and provides physical virtualization hosts dedicated to individual customers to host their Azure VMs for Windows and Linux workloads. In our analogy, this means that the building and its contents are yours and that you are not sharing with anybody else. This is not a hotel room—this is a house, a single-tenancy occupied building—and each room (or VM) is yours. The following diagram aims to outline this concept:
Figure 7.10 – Azure Dedicated Host
Here are some scenarios where you may choose to use Azure Dedicated Host in a solution:
- Compliance—An organization may be subject to regulatory compliance requirements that mandate physically dedicated virtualization hosts for its VMs; it cannot operate its workloads on shared computing resource platforms.
- Control—An organization requires control of the compute platform infrastructure that its VMs run on, visibility into the aspects of that platform it wishes to gain insights on, and control of maintenance windows.
- Choice—An organization may wish to have freedom of choice of hardware specifications such as processors, memory, server capabilities, and the VM series and sizes created on the virtualization hosts.
The following aspects are also to be considered:
- Availability—This can be provided by a host group, allowing multiple dedicated hosts to be provisioned to this group.
- Pricing—This is per dedicated host and is not dependent on how many VMs you host on it, but based on the VM family type hosted on it and the region. Storage, networking, and any software are billed separately and not included.
- Licensing—This is billed separately and not included.
This section looked at Azure Dedicated Host as a solution for the secure and private virtualization of host hardware. The following section looks at Azure Sentinel, which provides Azure’s security operations capabilities.