Microsoft's Azure Portal: A boat load of updates, but is it too ambitious?
The spiritual successor to the Windows GUI
Microsoft has made numerous updates to its Azure Portal, partly to accommodate new features announced at its Build developer conference, and partly in an attempt to improve the user interface.
The Azure Resource Graph Explorer lets you query Azure resources using the Resource Graph Query Language, based on Microsoft’s KQL (Keyword Query Language), and then pin the results to the Portal dashboard as tables or charts.
The Azure Resource Graph explorer
The Azure Portal is a single page application, but is gradually improving for admins who want to do tabbed browsing. Some resources support opening in a new tab, now including resource groups (collections of your Azure services that are managed together) and subscriptions.
Virtual Machine (VM) management is improved with hostname (set in the operating system) now shown as well as the resource name used for managing the service.
Kubernetes is the current hot thing, and the Azure Portal has a bunch of new features for the Azure Kubernetes Service (AKS). Microsoft is trying to make life easier for developers who want to kick the tires on AKS without tangling with Helm Charts, packages of YAML (YAML Ain’t Markup Language) files which describe a set of Kubernetes resources.
Dev Spaces lets you connect a project on your development machine to an AKS Cluster for test and debug.
Deployment Center is a wizard, running in the portal, which automatically builds a pipeline in Azure DevOps (formerly Visual Studio online) that will deploy your containerised application to AKS and rebuild it automatically when you commit code changes (Continuous Integration and Continuous Delivery).
Polices (in private preview) is a governance feature for enforcing management and security policies for AKS resources.
There is also new support for multiple AKS Node pools in the portal. A node pool is a group of Kubernetes nodes (a machine where containers run) with the same configuration. Multiple node pools let you have node pools with different VM sizes or different operating systems in the same cluster.
Azure portal security center
The Azure Security Center is for reviewing and managing security policy for Azure resources, as well as making security recommendations. New features include the ability to move a VM from one policy group to another, and an Adaptive Network Hardening feature (in preview) which is analyses network traffic and makes rule recommendations for Network Security Groups.
Azure Portal as virtual operating system
The ability of the portal to accommodate frequent and substantial updates to its features stems from its original design. One of the team members at launch was Jeff Beckwith (now at Google) who explained the architecture in a blog post:
“The new portal is designed like an operating system. It provides a set of UI widgets, a navigation framework, data management APIs, and other various services one would expect to find with any UI framework. The portal team is responsible for building the operating system (or the shell, as we like to call it), and for the overall health of the portal.”
Different Azure services are built as extensions, “pretty much an application to our operating system”.
The reason for this design was that the earlier Azure portal, which was a single ASP.NET MVC application, was excellent when Microsoft offered only a few cloud services, but became unmanageable as services proliferated.
The current Azure portal is ambitious. Amazon Web Services (AWS) does not have anything similar, and the Google Cloud Platform (GCP) Console is less comprehensive.
In the cloud era, the Azure Portal is the spiritual successor to the Windows Server GUI. The ability to accomplish many tasks with point and click is perhaps particularly welcome for Windows admins. It is also good for discoverability of services and indeed for marketing: Microsoft does not waste opportunities to steer you towards other services or to default to somewhat expensive configurations when a cheaper one might do.
Every operation the Azure portal can do you can also do in PowerShell, often more quickly and sometimes with greater reliability. There is also Azure Cloud Shell which lets you run PowerShell or Bash shells on Windows or Linux, built into the portal.
Working with scripts has many advantages, for automation and for control. Microsoft does say on occasion that PowerShell is intended to be the primary means of managing Azure services, but the company’s investment in the portal shows the importance attached to it. If nothing else, it is a quick way to try things out that may lead on to real-world deployments.
There are also features like dashboards for monitoring and analytics for which a visual portal is well suited.
Is even the new portal getting out of hand though? A quick count shows nearly 300 services in 19 categories, a lot for a single-page application to manage. Effective search is ever more important. Performance can be a problem.
“The blades take too much time to load and keep moving back and forward while loading” was a complaint from 2016 that appears not altogether resolved; “still slow” says a comment from earlier this month.
Other top complaints are difficulties moving resources between groups and moving services between subscriptions. Resources are essentially for management and subscriptions essentially for billing and the interactions can be confusing and frustrating.
Horizontal scrolling in the portal is also unpopular, as it is on most GUI platforms.
Despite some frustrations, the portal is a distinctive feature of Azure and not hated. “Given Azure’s complexity it ought to be a lot more difficult to use than it actually is,” remarks a user. That is one way of putting it.
For more on new features in the Azure Portal see Microsoft's announcement here. ®