Azure Taking your gateways down?

With most resources in Azure, there will be a time where maintenance needs to happen on the underlying resources.

In an Azure environment, there may be a heavy reliance on a Network gateway or gateways to provide a vital connection. As part of feature enrichment, updates and increasing performance, Azure will carefully plan these updates to minimise the impact.

To further reduce this, we can look at creating a Maintenance Configuration for your network gateway.

This will provide Microsoft days and times when they should perform the maintenance.

Just to note here. In addition to Network Gateways, Maintenance configurations can be used for Virtual Machines, especially useful for Virtual Machines that may have limited redundancy.

Creating a Maintenance Configuration

Go the Azure Portal and search for "maintenance configuration".

Click Create.

Select the Resource Group and Subscription.

Give the configuration a name. Following CAF standards, it should begin with the "mc" abbreviation and then follow your internal naming standards.

Chose the region. This should be the same region as your gateway.

Recommendation: Have a configuration per region. This is not only needed but will cater for global time zone differences. Even in UK South and UK West deployments, setting these for different times can ensure that maintenance doesn't occur at the same time.

Select Network gateways in Maintenance Scope.

Then press "Add a schedule".

Set a date and time when this schedule should start.

Caveat: Currently, the maintenance window has a minimum time frame of 5 hours. Also, as of writing this, for network gateway configurations, we can only have daily repeats.

It gives you a great little summary before you save.

Press save and then navigate to the resources tab.

You can have 1 to many gateways here, but as I mentioned earlier, the configuration must be in the same region as the gateway.

So you will have multiple configurations if you have a multi-region Azure deployment.

Adds some tags and then hit review and create.

And there you have it. You have ensured that Microsoft doesn't perform maintenance on your Network Gateways at inconvenient times.

Though, me being a cynic, makes me think that they wouldn't have developed this solution if they haven't been criticised for the times they're performing the maintenance, but here we are!

Although, on the flipside, it may be just to give consumers of Azure resources, piece of mind... I suspect it is this!

Hope you found this helpful.

{

 “SignOff”: {

“Cheers”: “THF”

}

}