Azure Resource Manager

Journey to ARM–Design and Migrate

I’ve recently committed myself to migrate my (now former) azure classic VMs environment in Azure to the new Azure Resource Manager model. I then found out that there is no easy or ‘no downtime’ way to do it. There is some documentation and some interesting projects around to help with that, like the ASM2ARM project. Since I wanted to learn how the sausage is done, I’ve tried to come up with my own way, better or worse, so I took the Sinatra approach: did it my way!

What is all that?

If you notice in your current environment (and by that I mean the new Portal), everything is in a resource group already. Cloud Services got resource groups of their own, where you can see you old VMs in there, along with a Cloud Service Object:


In the new ARM model, a VM like this would require a few more items, like IPs, Nics,etc. The old model would make a few things easier by deploying cloud services kind of automatically, but it wouldn’t create clear relationships and dependencies between the objects. Before we dive in deeply, here is how I’ve planned my environment.


Yes, Azure is all about flexibility and having things ready to be used. However, you still need to know what you are doing! Surprise! Well, how I did. Since it is all new, I’m probably wrong, but it is all about the learning.

The things I usually keep ready in my Azure lab are:

– A Domain Controller – This DC is part of a domain, split between on-premises and the cloud (connected through a VPN).

– System Center Servers – SCOM, SCSM, SCORCH, VMM.

– Other things – test machines, Linux, website,etc.

So, my first attempt at all this will be having a basic infrastructure resource group, with my Storage Account, my Virtual Network (and VPN connection), as well as the domain controller:


Everything else that I build, unless it requires something special, should point to this infrastructure for Storage and Connectivity.

For the System Centre Servers, I have created another resource group, for all of them. One could argue that having separate ones, it would make things easier to manage later. It might be true. If the number of components was bigger, I’d probably go for that. In this case, most of the VMs will have only a VM and a NIC resource:


I have added a Network Resource Group to one of the VMs basically to allow external access.

For the remainder, I will probably create separate small Resource groups or maybe a one-fits-all RG called “other”, or “miscellaneous”.

And there you have it: my whole Azure environment is fully designed. Of course this is a very simple environment, but can get you stated in the ARM way of thinking. In my next Article, I will start with the basic connection between ARM and on-premises using a VPN gateway. Stay tuned!


Hope this helps!

Leave a Reply

Your email address will not be published. Required fields are marked *