#azure (2018-11)

@btai has joined the channel

anyone here with a decent amount of azure experience?

@geertn mentioned he did

im curious how people are grouping their resource groups. im not sure if its better to be very granular, or if a single resource group per environment

@btai We use a subcription per environment. One subcription for general services to other subscriptions (VPN), one for prod, staging, etc. Next to that generally map resource groups to terraform environment / state files. So eg a RG for WAF with NLB, a RG for Domain Controllers with LDAP NLB, a RG for Recovery Services Vault, One RG for all networking stuff (Vnets/subnets). Mostly becuase it’s handy for deleting/redeploying thing without worrying too much but also to be able to set granular permissions on the RG’s

ok so youre not super granular with RGs, but within each environment you’ll have a handful of RGs

@geertn

@btai to give you an idea for an env with 15 servers we use about 8 rg

Next to that about 6 RG for things like recovery vault, packer images and build space, keyvault

I’d say it’s pretty granular

@geertn Okay sounds good. so in my environment I have a RG for the vnet + default subnets, RG for my AKS cluster + ALB + cluster subnets, and I’m planning on a RG for the pg database.

sounds about right?

@geertn completely different question, do you know why the Azure managed pg database makes the username {admin_login}@{host_name}?

Sounds good to me. I wouldn’t know about PG DB username no

@geertn do you use AKS?

No

Hi there, has anyone tested the new Python environment for functions ? https://github.com/Azure/azure-functions-python-worker#overview Bonus : have you tested it with Terraform built resources ? I’d like to know if it’s stable enough for simple timed triggered scripts.

@Erik Osterman (Cloud Posse) has joined the channel