Massive consolidation: reducing 150+ Azure Front Door instances to 10

Before jumping into such a significant architectural change, the team needed buy-in from stakeholders across the organization. They constructed a clear business case highlighting: 

• The total current cost of maintaining separate instances
• The projected savings from consolidation
• The security benefits of standardized configuration
• The reduction in management overhead
• The necessity of migrating from the deprecated classic SKU

With hundreds of domains and services relying on Front Door, even a minor misconfiguration could cause significant disruption. The team implemented several risk mitigation strategies:

• Comprehensive communications plan
  "We sent communications to the product, custom domain owners, and service owners in advance – one month, two weeks, one week," explains the Team Lead. Each communication included:
  • Detailed migration schedule
  • Potential impact assessment
  • Contact information for the migration team
  • Rollback procedures
    
    
• Change management rigour
  "For production migrations, we usually raised change requests which were approved on a Change Advisory Board", says the DevOps specialist, ensuring proper governance throughout the process.
  
  
• Rapid response capability
  The team remained on standby during each migration window, ready to troubleshoot any issues that arose.
  
  
• Pattern recognition
  "If we discovered a single issue, we took note, documented it, and we were checking next time if it's going to happen or not," the Team Lead explains. This approach helped prevent recurring problems.

When dealing with critical infrastructure changes, especially those that impact dozens of teams and hundreds of services,  having a solid risk mitigation plan is non-negotiable. Below, we break down the most critical risks, the strategies used to manage them, and the impact those precautions had.

Within a remarkably short timeframe, the team successfully consolidated over 150 Azure Front Door instances down to just 10, with impressive outcomes:

• Tangible cost savings
  With each instance costing approximately $300 per month in base fees, the consolidation delivered immediate and significant savings. Conservative estimates put the annual cost reduction at over $420,000, accounting for both the eliminated base fees and the reduced operational overhead.
• Streamlined management
  Certificate updates, security patches, and configuration changes that once required touching hundreds of instances now affect just a handful. This operational efficiency translates to faster deployment times and reduced risk of human error during routine maintenance.
• Enhanced security
  By consolidating, the team enforced uniform Web Application Firewall (WAF) policies across all applications, ensuring consistent protection against common threats like SQL injection and cross-site scripting. Additionally, they implemented Azure's managed TLS certificates, eliminating the need for manual certificate renewals and reducing the risk of expired certificates causing service disruptions."
• Future-proofed infrastructure
  The migration to the newer Front Door SKU ensured long-term supportability from Microsoft and access to the latest features and security enhancements. This proactive approach eliminated the future scramble that would have been required when Microsoft eventually discontinued support for the classic SKU.
• Simplified monitoring and troubleshooting
  With a consolidated infrastructure, the team could implement comprehensive monitoring across all services, making it easier to identify and resolve issues. Troubleshooting became more straightforward with fewer moving parts to investigate.

Non-production environments (dev & test) were migrated in just two weeks, with approximately 100 custom domains spanning 20-30 products moved to the new consolidated architecture. Their business unit's production environment was then migrated in the following three weeks, with remarkably little disruption.

The complete migration of all non-production environments (dev, test, and pre-prod) across all business units took approximately three months, demonstrating the importance of a phased, methodical approach to large-scale architectural changes. 

Whether you're dealing with Azure Front Door specifically or any other proliferation of cloud services, the principles from this successful consolidation can guide your approach:

1. Start with a thorough inventory

   Understanding exactly what you have is essential before planning any consolidation.

2. Automate wherever possible 

   Scripting and automation not only save time but also significantly reduce human error. The team created export and import scripts to streamline the migration process and ensure consistency.

3. Test in non-production first 

   The team wisely started with non-production environments to identify and resolve issues before touching production systems.

4. Communicate relentlessly 

   "We sent communications to the product, custom domain owners, and service owners in advance – one month, two weeks, one week," explains the Team Lead. This proactive approach ensured all stakeholders were prepared for the changes.

5. Document edge cases 

   Unique configurations and special requirements will emerge – document them thoroughly to prevent future issues.

6. Create a feedback loop 

   "Every edge case or issue was analyzed and action items created to avoid having such in the future," the DevOps Team Lead notes – a practice that led to continuous improvement throughout the project.

Cloud architecture simplification projects like this one demonstrate that technical debt can be systematically addressed with the right approach. By reducing complexity, standardizing configurations, and improving manageability, organizations can achieve both cost savings and operational benefits. 

If your cloud infrastructure has grown organically over time, it may be worth examining opportunities for similar consolidation. The initial investment in planning and implementation can pay significant dividends in reduced costs and simplified operations going forward. 

Before launching a large-scale project like Front Door consolidation, it's critical to ensure your organization is set up for success. The checklist below highlights the foundational elements you should have in place, from stakeholder buy-in to automation tooling. 

Whether you're managing a handful of Azure resources or overseeing enterprise-scale cloud architecture, the consolidation principles demonstrated in this project can help you identify sprawl and implement effective streamlining. And if your organization needs expert assistance tackling your complex cloud infrastructure, Nortal-built DevOps teams can achieve similar results. 

Looking for more insights on cloud optimization? Check this article detailing how the same team saved $1M in Azure costs through targeted resource optimization. Stay tuned! 

Don't let technical debt continue to compound.

While you wait for our next article, our DevOps specialists are ready to bring order to your fragmented infrastructure. Do you really need 150+ Azure services when 10 would suffice? Is your cloud environment so complex that it makes the Azure portal look like a maze?

We specialize in building engineering teams who look at your architectural spaghetti and think, "Finally, a worthy challenge!" Where others see an insurmountable mess of technical debt, our teams see a satisfying before-and-after story waiting to happen. Let's tame your Azure chaos together!