Azure Solution Alignment Workshop

Functional Areas
Cloud Platform Integration Framework
• Architecture
• Deployment (Provisioning and Deprovisioning)
• Business Continuity and Disaster Recovery
• Monitoring
• Maintenance
• Operations
Workloads (Applications and Services)
Automation and Orchestration
Identity
Security
Public, Private and Hybrid Cloud
Fabric and Fabric Management
Operations
Management
as a Service
Data
Analytics
Modern
Management
Cloud
Migrations
Micro-services
& Containers
System Center
Monitor | Automate | Provision | Protect | Self-Service
• Managing mobile devices and PCs
• Provisioning private clouds and virtualized data centers
• Monitor and troubleshoot across environments
• Protection with backup
• Service management for business agility
• Automate deployments and orchestrate any cloud
Operations Manager
• Infrastructure and application
• Custom log correlation & analytics
• Heterogeneous operating systems
• Flexible management packs
• Alerting and notifications
• Cloud monitoring including Azure, O365 and AWS
• Ecosystem of Partners
Operations Management Suite (OMS)
Simplified guest and workload management anywhere
Microsoft
Operations Management Suite
HYPER-V
VMWare
LINUX
LINUX
Operations Management Suite (OMS)
• It’s simple: A single portal for all your management tasks. No infrastructure to maintain.
• Time to value: Onboard fast. No content to create. Connects to your on-premises datacenter.
• Easy to integrate: Add new servers, or connect to your existing management tools within minutes.
• Hybrid and open: Manage workloads across Windows and Linux, hybrid and public clouds, Azure and AWS.
• Extend System Center: Complements your System Center investment to unleash new management scenarios.
Operations Management Suite (OMS)
Log analytics
• Effortless log collection
• Integrated fast search and queries with custom dashboard
Spot problems fast
Backup & Recovery
• Integrated cloud backup
• Seamless disaster recovery and workload migration
Protect data easily
IT Automation
• Hybrid runbook worker
• Graphical workbook authoring and automation DSC
Automate tasks quick
Security & Compliance
• Malware assessment
• Security posture and system update assessment
Recognize threat early
1. Collection & monitoring infrastructure
2. Expanding inventory of knowledge/MPs
Search & Analytics
Azure Storage
Portal
Microsoft Operations Management Suite
System Center Operations Manager
Windows & Linux Server
1. Modern Design
2. Amazing Performance
3. Unlimited Scale, Unlimited Retention
4. SaaS – Near Zero Management Overhead
On-Premises Environment
‘multiple’ Management Groups
Microsoft
Operations Management Suite
Portal
Operational Insights
Transforms machine data into near real-time operational intelligence
Azure VMs
Azure Diagnostics
Machine Data: Event Logs, IIS Logs, Security Logs, Perf Counters, Syslog & many more
Windows & Linux Server
Servers forwarding data through SCOM
Windows & Linux Server
Search & Analytics
Azure Storage
Microsoft Azure Operational Insights
• Forecast Capacity
• Assess System Update, Malware, Configuration
• Change Tracking
• Respond to Threats
• Identify security breaches
• Audit & Compliance
Portal
Servers directly forwarding data
REAL TIME SEARCH
READY MADE INTELLIGENCE
DASHBOARDS & REPORTING
• Search, Correlate & Combine
• Visualize Results
• Centralized & Extensible Collection
• Multiple Data Sources regardless of Volume, Format or Location
SCALABLE
Azure Operational Insights
Machine Data
Gather raw machine data
Apply logic, visualization and data acquisition rules
Solution Packs
Provide Assessments, Recommendations, Forecast, Trends
Explore Data from the Portal
• Discover and show availability of Azure SQL Database servers
• Collects and monitors health of Azure SQL Database databases
• Custom thresholds for warning and critical alerts
• Run-as profile to securely connect to Azure SQL Database
• Custom query support to enable app-specific availability and performance monitoring
Azure Monitoring Pack Overview
• Role Instance Availability, Status and Performance
• Scale up/down automation
• Virtual Machine Availability and Status
• Storage Availability and Size
• Azure Diagnostics Data Grooming
• Topology Dashboard
• Monitor Certificate Health
• Hybrid Application definition and monitoring
Pre-Requisites
• System Center 2012 Operations Manager (or BMC Patrol)
• Azure Role “Owner” must be published with full trust level
• Diagnostics instrumented in Azure Application
• Azure Subscription ID
• Management Certificate (.pfx) and its Password
Azure Monitoring Pack Security Settings
Run As Accounts
• Management Certificate Accounts created when adding Subscription.
• Proxy Server Account is optional and manually created.
Run As Profiles
• Accounts are associated with the Management Pack profiles.
• Certificate related profiles (automatically):
• Proxy Server account related profiles
Monitoring Process Configuration
• From a given Subscription a MP Template provides selection of:
• Cloud Services
• Virtual Machines
• Storage Accounts
• Cloud Services based on the Azure Deployment Slots
Monitoring Process Configuration
Azure Management Pack Template populates groups and enables monitoring
Only selected Azure components will get monitored and have a Health State
Data Collection and Health Roll-Up
WADLogsTable
WADPerformanceCountersTable
WADWindowsEventLogsTable
Azure Cloud Service
Azure Deployment
Azure Role
5 mins
Azure Role Instance
Health Management
Cloud Service
• Availability: Status
• Dependency health monitoring for related Instances
• Management Certificate Expiration monitor
Deployment Slot
• Availability: Status
• Dependency health monitoring for related Instances
Storage Account
• Availability: Status
• Performance: Size
Performance Collection
Default Performance Collection Rules:
• ASP.NET Applications Requests/sec
• Network Interface Bytes Received/sec
• Network Interface Bytes Sent/sec
• Processor % Processor Time Total
• LogicalDisk Free Megabytes
• LogicalDisk % Free Space
• Memory Available Megabytes
Distributed Application and Dashboards
Integrated Azure Distributed Application Template Enables:
• Automatic Service Level Tracking
• Capacity and Resource Utilization
Dashboards
• Topology Dashboard
• Service Vicinity Dashboard
• Availability Dashboard
• Capacity and Resource Utilization Dashboard
Portal Cloud Service Monitoring
Portal Storage Account Monitoring
Azure Traffic Manager Monitoring
Other – Customization Options with the Azure Portal
Two available methods to extend Azure Monitoring to Operations Manager:
• Invoke-RestMethod against Azure REST API
• Load Azure Module as part of your monitoring solution and use native PowerShell commands.
Hybrid Cloud Monitoring
VM
DB
Discovery,
health
Cloud
service
Storage
Azure
Service
Bus
Active
Directory
Cloud
service
DB
Discovery, health
Operations
manager
Operations Manager enables monitoring the health state of both Private and Public cloud depending on where the application or service is running.
Service
Bus
Private Cloud
VM
Active
Directory
Host
Storage
Subscription
Windows
Azure
Subscription
SCOM 2012
Operations
Database
Subscription
On-premises
availability and health
*no collecting of performance counters or event logs
Log/Event/Performance
Counter Transfer
SCOM Data
Collection
Azure Role Instance
SCOM 2012
Operations
Database
Counters/Events/Logs
Windows
Azure
On-premises
Azure SQL Database Monitoring Model
Open Ports
Windows
Azure
Azure SQL Firewall
Operations Manager can access Azure SQL through an outbound port 1433 connection
Azure SQL Server XYZ
Operations Manager
SQL Azure Management Pack
SCOM Operations Console
Data Source Modules
Operations Database
Port 1433
On-premises
Azure SQL Databases
Accept IP Addresses for server XYZ:
Home: 98.189.23.24
Work: 12.10.219.234
Azure SQL Database Monitoring Model
Blocked Ports
AD
IaaS VM with SCOM Agent (Agent Proxy Role Enabled)
DNS
SCOM Agent
Distributed MP
Operations Manager
On-premises DNS name resolution
Port 5723
Operations
Database
Azure
SQL MP
Azure SQL
Virtual Network
Windows
Azure
This is the simplest, and thus recommended, approach, but does require a VPN connection.
1433, 3389
X
On-premises
1433
Azure SQL
Database
Public Cloud Monitoring
IaaS
• Monitor through System Center Operations Manager (SCOM) Agent
• Via Site-to-Site VPN
System Center Operations Manager With Management Pack for Azure
PaaS and Fabric
• Agentless Monitoring
• Certificate Authentication
• Via REST Endpoint
Availability
Monitoring
Diagnostics and
Performance
SharePoint
Monitoring with
Application
Insights
Usage
Application Insights Portal
http://www.visualstudio.com/enus/news
Application Insights
One Dashboard
• Available: Health Dashboards. Is my application available and performing for users?
• Performing: Notifications & Deep Insights. What’s wrong? Show me performance problems, memory usage, and exceptions
• Succeeding: Usage Dashboards. Where do we invest next? Show me top features and customer usage patterns
Application Insights
Server side:
• .NET and Java
• Agent based
• Windows: Microsoft Monitoring Agent
• Azure: Includes Azure Virtual Machines and Cloud Services
• ASP.NET
• SDK based
Client Side
• Browser (JavaScript)
• Windows Phone
• Windows Store
Azure Web Sites
Application Insights
Application Insights service
1. Telemetry is collected at each component: usage, performance, exception, crash, event, synthetic transactions, logs, developer-supplied event data
2. Telemetry arrives at the Application Insights service, where it is processed
3. A 360-degree view of the application helps keep it available, performing and succeeding.
Telemetry Sources
app
platform
infrastructure
1. Outside-in monitoring: URL pings and web tests from 16 global points of presence.
2. Observed user behavior: How is the application being used?
3. Developer-emitted traces: Whatever the developer would like to send to Application Insights.
4. Observed application behavior: No coding required – service dependencies, queries, response time, exceptions, logs, etc.
5. Infrastructure performance: System performance counters.
6. “Meta-telemetry”: Source code, builds, deployments, configuration changes.
Operational Insights
• Capacity Planning
• System Updates
• Security and Audit
• Log Management
• AD and SQL Assessment
• Malware Assessment
• Alert Management
Global Service Monitor
1. Extend monitoring capabilities of the SCOM console to monitor external and internal facing web applications in the same place you monitor other applications.
2. Leverage features such as Web Application Availability and Monitoring and Visual Studio Web Tests.
Microsoft Azure Diagnostics
• Troubleshooting/Debugging
• Measuring Performance
• Monitoring Resource Usage
• Traffic Analysis and Capacity Planning
• Auditing
Organizations that have existing investments in System Center Operations Manager can leverage this infrastructure to monitor their Azure-based assets through the Azure Operations Manager Management Pack. The Azure Management Pack extends monitoring of Azure resources by exposing them to Operations Manager.
Azure REST API
• Use when unable to find a corresponding PowerShell cmdlet. However, with the REST API the interface can change, which could potentially force you to revise your solution.
Azure Module and Native PowerShell
• Use when designing a custom Azure PowerShell solution, due to the abstraction factor. When future updates occur against the cmdlets, you are guaranteed that the cmdlet interface will not change and that the changes will be handled on the back end.
Application Code Development Integration
• Consider server side event logging first over client side (JavaScript).
• No guarantee of data latency while still under preview.
• App Insights will capture exceptions that you have to explicitly catch.
Application Logging
• Avoid using multiple trace listeners because they execute sequentially.
• Avoid using the default WADLogsTable to store all events.
Operational Insights Threat Analysis