Transcript AzureScenariosx

ITCamp: Extend your Datacenter
with Microsoft Azure
Dan Stolts
[email protected]
@ITProGuru
• Extending your network with Microsoft Azure
Virtual Machines
• Tackling workload migration, networking and
other key scenarios
• Microsoft Azure for Test and Development
(IaaS)
• Application migration to Windows Azure
(IaaS & PaaS)
• SQL BI, Media, Backup, DR and much more
• Cloud Trends and Building Blocks
• Lab (storage, Network, service)
Agenda
• On Premises Virtualization vs Cloud and
Migration
• Lab (create VMs…)
• Identity here, there and everywhere
Integration
• Lab (AD in VM )
•
•
•
•
Lunch
The New PULSE of IT + Certification
DevOps
Dev, Test and SQL
• Lab (Build SQL in the Cloud)
• More…. (SPS, DR, Open Source)
• Lab (Application Workload with SQL Backend)
What is Cloud?
Public Cloud
Public Cloud
Cloud
Hype
Cycle
Source: Gartner, July 2013
Where Is …
VMware?
Amazon?
• x86 Server Virtualization
Magic
Quadrant
for
Magic
MagicQuadrant
Quadrantfor
for Cloud
Magic
Quadrant
for
Infrastructure
as a Service
x86
Server
Virtualization
Public
Cloud
Storage
Services
Application
Platform
Infrastructure
As A Service
• Cloud Infrastructure as a
Service
• Public Cloud Storage Services
• Enterprise Application
Platform as a Service
Leader in Gartner
Microsoft only LEADER in
ALL FOUR
magic quadrants
Magic
Quadrants
Cloud Computing Adoption Continues
Accelerating In The Enterprise
• 69% of enterprises have at
least one application or a
portion of their computing
infrastructure in the cloud,
up from 57% of
enterprises in 2012.
• 18% plan to use cloudbased applications and/or
computing infrastructure
via the cloud in the next
12 months
• 13% are planning to use
cloud-based applications
and/or computing
infrastructure via the
cloud within 1 to 3 years.
Forbes / IDC http://www.forbes.com/sites/louiscolumbus/2014/11/22/cloud-computing-adoption-continues-accelerating-in-the-enterprise/
As you begin your journey
along the cloud maturity
model, make sure you are
planning for advanced
stages of the model.
Select a provider/partner
that can lead you into
repeatable, managed and
even optimized stages of
the model across all
technologies you will
likely leverage including
hybrid solutions.”
Dan Stolts
Microsoft - Chief Technology Strategist
https://idc-community.com/manufacturing/manufacturing-value-chain/newresearchinbigdatacloudmobileandsocialsuccessfullyadoptingnewtechn
move faster
save
money
The Cloud has changed how we work,
BYOD goes
where we work and how we mainstream
do business.
integrate
on-premise
apps &
data
scale on
demand
Microsoft Confidential
9
There’s Customer Demand for Cloud &
Specifically for Microsoft Azure
CIO Cloud Vendor Preferences
Mid/Large Enterprise CIOs Expecting to Use IaaS
12%
4%
9%
9%
Source: Morgan Stanley CIO Survey, 2013. “Percentage of Enterprise CIOs Greater than $1B/$10B expecting to use IaaS by YE2014”
13%
20%
Think AND not OR
Virtualization
Identity
Development
Data
Platform
DevOps
and mgmt
Azure
Trust
Center
http://azure.microsoft.com/en-us/support/trust-center/
12
Azure
Compliance
http://aka.ms/AzureCompliance
IS 577753
HIPAA Business Associate Agreement (BAA)
13
Azure = Building Blocks to Technology Solutions
vpn
Huge infrastructure scale is the enabler
19 Regions ONLINE…huge datacenter capacity around the world…and we’re growing
North Europe
Central US
Iowa
US Gov
Ireland
North Central US
Illinois
West Europe
Netherlands
China North *
Beijing
East US
Iowa
West US
Virginia
South Central US
Texas
US Gov
Virginia
India West
TBD
Japan
West
India East
Osaka
TBD
East Asia
Do companies tell you what you want to hear?
SE Asia
Yes… But more importantly,
Singapore
Vendors Tell you what THEY WANT you to hear!
Brazil SouthIt may not always be TRUE!!!
MOST IMPORTANTLY:
Sao Paulo




Saitama
Shanghai
East US 2
California
Japan East
China South *
Virginia
100+ datacenters
One of the top 3 networks in the world (coverage, speed, connections)
2 x AWS and 6x Google number of offered regions
G Series – Largest VM available in the market – 32 cores, 448GB Ram, SSD…
Hong Kong
Australia East
Sydney
Australia West
Melbourne
Operational
Announced
* Operated by 21Vianet
Datacenter buildings are about
one football field in size
…large enough to hold two jumbo
jets
That’s up to 600,000 servers in
And there are 16 building per region…
each Azure region
Hyper-scale
Enterprise
Grade
Hybrid
How we differentiate
Windows Azure
LOB Application
Saved VM
State
Who has some of these projects on your wish list already?
What other projects or workloads are you considering?
StorSimple Cloud-Integrated Storage (CIS)
Primary Volume
Servers
Snapshot
Cloud Snapshots
to nearby cloud storage
service region
Cloud Clones
to remote cloud storage region
for DR
Storage Scale
Storage
Cloud
Storage
Opportunity
Windows Azure Storage
Exposed via RESTful Web Services
Microsoft Azure Storage Account
Can CDN Enable Account
Blobs delivered via 24 global CDN nodes
Can co-locate storage account with compute account
Explicitly or using affinity groups
Accounts have two independent 512 bit shared secret keys
100 TBs per account
Storage Security
HTTPS endpoint
Digitally sign requests for privileged operations
Can be regenerated independently
More granular security via Shared Access Signatures
Microsoft Azure Drives
Use existing NTFS APIs to access a network attached durable drive
Use System.IO from .NET
Move existing apps using NTFS more easily to the cloud
Durability and survival of data on instance recycle
Drives can be up to 1TB
Mounts Page Blob over the network as an NTFS drive
Local cache on instance for read operations
All flushed and unbuffered writes to drive are made durable to the Page Blob
How Microsoft Azure Drives Works
Storage Toolsanaging Storage
• Storage managed through many
third party tools
• http://blogs.msdn.com/b/windowsa
zurestorage/archive/2014/03/11/wi
ndows-azure-storage-explorers2014.aspx
• Storage explorers require the
Azure storage key
• Azure Copy
• Powershell
• Direct Web Access:
https://itcmaster.blob.core.windows.net/fy15q3/
AdventureWorks_log.ldf
DIPS and VIPS
VIP – Virtual IP address
• An internet-facing IP address that is not bound to a specific computer or network
interface card.
• The cloud service that the VM sits within is assigned the VIP.
• You can have multiple VMs in a cloud service. They share the same VIP.
DIP – Dynamic IP address
• This IP address is dynamically assigned (via DHCP) to your virtual machine by Windows
Azure. You rely on DHCP – Do NOT statically configure your IP address. Even for DCs.
• The IP address lease directly equates to the lifetime of the VM.
• If you create a virtual network, the VM will receive its DIP from that range.
IP Addresses
foo.cloudapp.net  VIP
Input Endpoint
Internal Endpoint
Summary of Networking Features
Input Endpoint
Internal Endpoint
UDP
Loadbalancing for virtual machines
Custom load balancer probes
Name Resolution
Windows Azure Traffic Manager
Windows Azure Virtual Network
for Hybrid scenarios
DNS Scenarios
Azure DNS Resolution of
INTERNAL resources are defined
per Cloud Service …
One cloud service cannot resolve
a different cloud service by
internal host names
SQL
Reporting
Service
SQL Analysis
Service
SQL
Service
Local DNS
Web Tier
Active Directory
Open User Access
(Website)
UI Process Components
SQL Service
VM Role
SQL
VM Role
SharePoint
FrontEnd
On-Premises Machine
Domain joined to OnPremises Network
VM Role
VM Role
Internet
Search and
Indes
SQL Service
VM Role
SQL
VM Role
SQL Mirroring
Active Directory
SharePoint
FrontEnd
DNS
VM Role
On-Premises
Machine
Business Components &
Entities
Active Directory
DC
Cloud Service
ITC-Service<ID>
WFE0
1
SQL01
DC01
Virtual Network ITC-VNET
Affinity Group
Virtual Network
Storage
Cloud Service
Virtual Machines
Microsoft Azure Virtual Network
•
Virtual Machines deployed into a virtual network have an infinite DHCP lease
•
Requirement for connectivity between your data center and the public cloud
•
Deploying Active Directory in the Cloud or connecting a PaaS to IaaS Service
Does Your App Need a Virtual Network
• Enables customers to extend their Enterprise Networks
into Windows Azure
• Networking on-ramp for migrating existing apps
and services to Windows Azure
• Enables “hybrid” apps that span cloud/premises
• Enables customers to setup secure private IPv4
networks fully contained within Windows Azure
• IP address persistence
• Inter-service DIP-to-DIP communication
Encrypted HTTPS
communication
Source Network
WMI for
agent push
installation
Mobility Service
Scout Agents
Target Cloud
Master Target (MT)
tcp/9443
Source
Servers / VMs
Process Server
(PS)
Config Server (CS)
Target VMs
Azure Virtual Network
Orchestration
Migration Accelerator
Portal UI Access
Administrator
Microsoft
Migration
Accelerator
Portal
Azure
Address spaces: 10.x, 172.16.x and 192.168.x
IP Address Space: 10.1.0.0/16
IP Address Space: 10.2.0.0/16
ExpressRoute:
Public
internet
ExpressRoute:
Public
internet
Public
internet
Virtual Network - Compute only.
ExpressRoute - Provides customer choice and include access to
compute, storage, and other Azure services.
SQL DB Mirroring / AlwaysOn
80/443
VPN Tunnel
Fileservers
Cloud Service
Web Based Applications
http://www.microsoft.com/en-us/download/details.aspx?id=42497
Hyper-V
Azure Virtual Machine
Cloud Svc
File System
SQL
SQL.VHD
AD.vhd
WAC AD
WAC.vhd
WFE/
APP
WFE.vhd
SQL
SQL.VHD
AD.vhd
WAC.vhd
WFE.vhd
WFE/ WAC AD
APP
Azure Storage
Microsoft Migration Accelerator for Azure
30 Minutes
A Domain Controller (DC01)
A SQL Server (SQL01)
http://www.windowsazure.com/en-us/downloads/#cmd-line-tools
Corporate Identity Comes from Many Sources
HR
System
givenName
surname
Samantha
Dearing
employeeID
007
Database
title
Coordinator
Exchange
e-mail
[email protected]
LDAP
telephone
555-123-4567
Identity attributes are often
located in multiple repositories
SQL Web Services PowerShell
(ODBC) (SOAP, JAVA, REST) LDAP v3
Forefront Identity Manager creates a
compilation of these attributes with
validation and keeps this in sync with
all identity realms
givenName Samantha
surname
Dearing
title
Coordinator
E-mail
[email protected]
employeeID 007
telephone 555-123-4567
Identity: Cloud, Sync or Federated?


Cloud identity provides a
solution where all identity
resides in the cloud
Identity sync enables customers
to bridge their existing identity
into the cloud
Federated identity allows
customers to retain all
authentication on-premises


B2B federated identity allows
customers to securely share and
collaborate with each other
comprehensive
Common Identity with Sync and Federation
Synchronization
*Write back of attributes to
support cloud first and coexistence
User attributes are synchronized including the
password hash, Authentication can be completed
against either Azure or Windows Server Active
Directory
Federation
AD FS provides conditional access
to resources, Work Place Join for
device registration and integrated
Multi-Factor Authentication
User attributes are synchronized,
Authentication is passed back through
federation and completed against
Windows Server Active Directory
*Coming Soon
Direct to cloud identity sync
Web Services
LDAP v3
(SOAP, JAVA, REST)
Azure Active Directory Sync provides
the ability to sync disparate on-premises
identity repositories directly to Azure
Active Directory
PowerShell
SQL
(ODBC)
Hybrid Identity
Windows Azure
Active Directory
A stand-alone Azure Identity and Access
management service also included in
Azure Active Directory Premium
Prevents unauthorized access to both onpremises and cloud applications by
providing an additional level of
authentication
Trusted by thousands of enterprises to
authenticate employee, customer, and
partner access.
What is multi-factor authentication?
Any two or more of the following factors:
Something you know: a password or PIN.
Something you have: a phone, credit card or hardware token.
Something you are: a fingerprint, retinal scan or other biometric.
Stronger when using two different channels (out-of-band).
No devices or certificates to purchase, provision, and maintain
No end user training is required
Users replace their own lost or broken phones
Convenience
Users manage their own authentication methods
and phone numbers
Integrates with existing directory for centralized user
management and automated enrollment
Works with all leading on-premises applications
Supports ADFS and SAML-based apps for federation to the cloud
Built into Microsoft Azure Active Directory for use with cloud apps
SDK for integration with custom apps and directories
Reliable, scalable service supports high-volume,
mission-critical scenarios
Strong multi-factor authentication
Real-Time Fraud Alert
PIN option
Reporting and logging for auditing
Enables compliance with NIST 800-63 Level 3, HIPAA,
PCI DSS, and other regulatory requirements
•
Azure Multi-Factor Authentication stand-alone
•
Included in Azure Active Directory Premium
•
Free for Azure administrators
•
A subset of Azure MFA functionality included in
Office 365
Azure MFA vs MFA for Office 365
MFA for Office 365
Azure Multi-Factor
Authentication
Administrators can Enable/Enforce MFA to end-users
Yes
Yes
Use Mobile app (online and OTP) as second authentication factor
Yes
Yes
Use Phone call as second authentication factor
Yes
Yes
Use SMS as second authentication factor
Yes
Yes
Application passwords for non-browser clients (e.g. Outlook, Lync)
Yes
Yes
Default Microsoft greetings during authentication phone calls
Yes
Yes
Remember Me (Public Preview coming in Q2)*
Yes
Yes
Custom greetings during authentication phone calls
Yes
Fraud alert
Yes
MFA SDK
Yes
Security Reports
Yes
MFA for on-premises applications/ MFA Server.
Yes
One-Time Bypass
Yes
Block/Unblock Users
Yes
Customizable caller ID for authentication phone calls
Yes
Event Confirmation
Yes
IP Whitelist
Yes
30 Minutes
A Domain Controller (DC01)
A SQL Server (SQL01)
move faster
save
money
The Cloud has changed how we work,
BYOD goes
where we work and how we mainstream
do business.
integrate
on-premise
apps &
data
scale on
demand
Microsoft Confidential
92
There’s Customer Demand for Cloud &
Specifically for Microsoft Azure
CIO Cloud Vendor Preferences
Mid/Large Enterprise CIOs Expecting to Use IaaS
12%
4%
9%
9%
Source: Morgan Stanley CIO Survey, 2013. “Percentage of Enterprise CIOs Greater than $1B/$10B expecting to use IaaS by YE2014”
13%
20%
The way it is…
YOU Are Needed
Starts
Provide Your Business Units The Service(s) They Need
Or Else….
Your Business Unit Will…
You WILL …
• Go Around You!
• Find a solution
• Host it in the cloud
• Stray from policy and
procedures
• Lose Control
• Lose Visibility
• Lose Management
• Still be RESPONSIBLE if the
$%^&* hits the fan!!!
• Lose your SANITY and
maybe even your JOB!
You CAN Make A Difference!
Knowledge IS POWER….
Does IT Matter?
Do You Have A Seat At The Decision Makers Table?
Y2K 1998->1/1/2000
• We had a seat at the
table
• Almost endless
resources
Dot-Com Boom -> Bust
Now – What’s Next?
• IT made decisions
• Tons of money
• Limited time, endless
projects
• Don’t wait for next
“industry” shift
• Make your own shift
• Prove you deserve a
seat at the table
How do typical executives see IT?
• Huge Cost Center
• Barrier to progress
• Pain in the …. Necessary evil
You CAN
Change IT
Let’s Look at How
Who is Smart & “Empowered”
• CEO? Empowered, sure… Is she/he smart on what is possible with
technology & cloud services? Is it her/his job to tell you what to do? Do
you want it to be her/his job to tell you what to do?
• CFO? Empowered, sure… is he/she smart on cloud services?
• Managers? Empowered? Smart on technology & cloud Services? Is it
his/her job to tell you HOW to solve current business problems? Is that
what you want… to be micro managed?
• YOU? Empowered? Smart?
New Pulse of IT
Be Strategic; Solve Business Problems
• How can you deliver services faster?
• How can you help the company continue expansion?
• How can you increase customer satisfaction or retention?
• What are current pain points for…
• Customers? Partners? Employees?
• What new services (cloud, mobile) might your company be
able to benefit from?
AKA.MS/MvaNow
http://
• Free Online University
• Lead to Certification
• Points System
• Bragging Rights
• Employee Evaluation
• Ranking / Badges
• Knowledge Tests
• Live Online Events
People Use
Technology
They Know
Certification Develops Essential Skills
"I’m responsible for a team
of 30 people. My company
is growing and growing.
When we hire someone
new, we check out his
certifications as well as
experience. People who are
not certified are dropped
from consideration. "
Peter De Tender |
Infrastructure architect |
Belgium
Ninety-one percent of
hiring managers
consider certification as
part of their hiring
criteria.
Certification, training,
and experience are
three of the top four
most important
characteristics when
selecting a candidate
for a cloud-related
position.
Microsoft Certification
Program Satisfaction
Study, April 2012
IDC/Microsoft, Climate
Change: Cloud's Impact
on IT Organizations and
Staffing, November
2012
https://www.microsoft.com/learning/en-us/certification-benefits.aspx
https://www.microsoft.com/learning/en-us/certification-testimonials.aspx
Microsoft Learning Certifications & Exams
•
•
•
•
•
•
•
•
•
•
•
•
Certification overview
Certification benefits
Success stories
Microsoft Certified Professional
Retired certifications
Why get certified?
Exams overview
Exam list
Exam policies and FAQ
Online proctored exams
Retired exams
Server
• Windows Server
• Exchange Server
•
•
•
•
•
Lync
SharePoint
Private Cloud
System Center
Virtualization
• Desktop
• Windows
• Applications
• Office
• Office 365
• Microsoft Dynamics
• Database
• SQL Server
• Developer
• Microsoft Azure
• Visual Studio
• SharePoint Apps
https://www.microsoft.com/learning
•
•
•
•
•
•
•
•
•
•
•
•
MCITP
MCTS
MCPD
MCSA
MCSD
MCSE
MOS
MTA
Microsoft Certified Trainers
MCDBA
Specialist
Microsoft Certified Educator
Microsoft Specialist
By passing a Microsoft Specialist exam, you validate your
knowledge and skills in a specialized area of technology. Some
Microsoft Specialist exams are included as requirements for
Microsoft Partner Network competencies, which help distinguish
your company from the rest in a particular technical discipline.
Offering benefit to you and your company!
MCP, Microsoft Specialist: Microsoft Azure Infrastructure Solutions
https://www.microsoft.com/learning/en-us/specialist-certification.aspx
More Skills on YOUR RESUME!!!
Cloud Certified; Cloud Experience
Exam 70-533 Implementing Microsoft Azure
Infrastructure Solutions
• Implement websites (16%)
•
•
Deploy websites - Define deployment slots; roll back deployments, configure and deploy packages, deploy web jobs, schedule web jobs
Configure websites - Configure app settings, connection strings, handlers, and virtual directories; configure certificates, custom domains, and traffic manager; configure SSL bindings and
runtime configurations; manage websites by using Windows PowerShell and Xplat-CLI
•
•
•
Configure diagnostics, monitoring, and analytics - Retrieve diagnostics data; view streaming logs; configure endpoint monitoring, alerts, and diagnostics; monitor website resources
Configure scale and resilience - Configure auto-scale using built-in and custom schedules; configure by metric; change the size of an instance
Manage hosting plans - Create hosting plans; migrate websites between hosting plans; create a website within a hosting plan
•
•
•
Deploy workloads on Azure virtual machines (VMs) - Identify supported Microsoft workloads; deploy and connect to a Linux VM; create VMs
Implement images and disks - Create specialized and generalized images for Windows and Linux; copy images between storage accounts and subscriptions; upload VHDs
Perform configuration management - Automate configuration management by using PowerShell Desired State Configuration and custom script extensions; enable
puppet and chef extensions
Configure VM networking - Settings include reserved IP addresses, access control list (ACL), internal name resolution, DNS at the cloud service level, load balancing endpoints, HTTP and TCP
• Implement virtual machines (18%)
•
health probes, public IPs, firewall rules, direct server return, and Keep Alive
•
•
Configure VM resiliency - Scale up and scale down VM sizes; auto-scale; configure availability sets
Design and implement VM storage - Configure disk caching; plan storage capacity; configure operating system disk redundancy; configure shared storage using Azure File service; configure
geo-replication; encrypt disks
•
Monitor VMs - Configure endpoint monitoring, alerts, and diagnostics
•
Configure cloud services and roles - Configure instance count and size, operating system version and family, upgrade and fault domains, ACLs, reserved IPs, and network access rules;
• Implement cloud services (16%)
configure local storage; configure dedicated and co-located caching, local and cloud configurations, and local disks; configure multiple websites; configure custom domains
•
Deploy and manage cloud services - Upgrade a deployment; VIP swap a deployment; package a deployment; modify configuration files; perform in-place updates; perform runtime
configuration changes using the portal; scale a cloud service; create service bus namespaces and choose a tier; apply scalability targets
•
Monitor cloud services - Monitor service bus queues, topics, relays, and notification hubs; configure diagnostics
Exam 70-533 Implementing Microsoft Azure
Infrastructure Solutions
• Implement storage (16%)
•
Implement blobs and Azure files - Read data; change data; set metadata on a container; use encryption (SSL); perform an async blob copy; configure a Content Delivery Network
(CDN); implement storage for backup and disaster recovery; configure Azure Backup; define blob hierarchies; configure custom domains; configure the Import and Export Service
•
•
•
Manage access - Create and manage shared access signatures; use stored access policies; regenerate keys
Configure diagnostics, monitoring, and analytics - Configure retention policies and logging levels; analyze logs
Implement SQL databases - Choose the appropriate database tier and performance level; configure point in time recovery and geo-replication; import and export data and schema;
design a scaling strategy
•
Implement recovery services - Create a backup vault; deploy a backup agent; back up and restore data
• Implement an Azure Active Directory (16%)
•
Integrate an Azure AD with existing directories - Implement DirSync, O365 integration, and single sign-on with on-premises Windows Server 2012 R2; add custom
domains; monitor Azure AD
•
Configure the Application Access Panel - Configure single sign-on with SaaS applications using federation and password based; add users and groups to applications;
revoke access to SaaS applications; configure access; federation with Facebook and Google ID
•
Integrate an app with Azure AD - Web apps (WS-federation); desktop apps (OAuth); graph API
• Implement virtual networks (17%)
•
•
Configure a virtual network Deploy a VM into a virtual network; deploy a cloud service into a virtual network; configure static IPs; configure internal load balancing; design subnets
Modify a network configuration Modify a subnet; import and export a network configuration
•
Design and implement a multi-site or hybrid network Choose the appropriate solution between ExpressRoute, site-to-site, and point-to-site; choose the appropriate gateway;
identify supported devices and software VPN solutions; identify networking prerequisites; configure regional virtual networks and multi-site virtual networks
Exam: https://www.microsoft.com/learning/en-us/exam-70-533.aspx#AzureCert
“DevOps is
development and
operations
collaboration”
“DevOps is
using
automation”
“DevOps is
small
deployments”
“DevOps is treating
your infrastructure
as code”
“DevOps is
feature
switches”
“Kanban for Ops?”
http://www.targetprocess.com/blog/2014
/06/how-it-works-kanbantimeline.html
https://www.crisp.se/gratis-material-och-guider/kanban
How to
deploy apps
consistently
How to analyze
and resolve
production issues
as fast and
efficient as
possible
How to
prioritize
technical debt
How to
provision
Dev/Test
environments
How to
deploy apps
consistently
How to
configure
Network
devices and
services
How to monitor
services, network
and app
performance
How to alert
and remediate
problems as
fast as possible
What successful companies do
Goal: Establish continuous and rapid flow of value; build the right
software, right.
Adapt and learn
Treating requirements as hypothesis; agile requirements; right quality;
non-linear/complex systems
Shorten total cycle time
Focusing on the baton, not the runners
Eliminate waste
Automation; self-provisioning (pull) of resources; everything as code
Collaborate
Focusing on people and their interactions;
capturing tacit knowledge; propagating information
Reduce risk
Smaller batches; automation;
monitoring; diagnostics
Continuous learning needs to occur
throughout, to continually refine and
improve both the development process and
the applications being delivered. By
employing integrated development and
operational tools, an organization will be
enabled to operate in continuous build,
measure, and learn cycles.
www.thoughtworks.com/insights/blog/how-implement-hypothesis-driven-development
More Ecosystem Building Blocks
BIZ
DEV
Production
OPS
Configuration
Test
Pre-Production
Integration
Dev/Test
Develop
Build
Deploy
Processes
Environments
Monitor and Learn
• DevOps: An IT Pro Guide
• Sign-up for FREE Azure trial
• Transform your IT skills in a
DevOps world
• System Center Evaluation
http://j.mp/devopsmva
• Channel 9 Edge Show: DevOps
http://aka.ms/edgedevops
• Microsoft DevOps blog
http://blogs.technet.com/devops/
• Application Insights for Visual
Studio Online trial
http://aka.ms/vsotrial
Websites
Windows Azure
Websites
Azure Storage Options – Today
Platform as a Service
• Azure SQL Database
Basic/Standard/ Premium
•
•
•
•
•
Document DB
Azure Search
Azure Cache
HD Insight
…more to come!
Infrastructure as a Service
Azure Storage
• SQL Server running in a
Windows Azure VM (with
new D/G-Series)
• Tables
• Blobs
• Queues
•
•
•
•
•
•
•
•
Elastic Search
Mongo DB
Cassandra
……many more
• IaaS: increased capability allows you to run more
• PaaS: evolving the managed offerings
Premium Storage *
No relational
Cheap storage
Optimized for density
What is Azure Search?
• A search-as-a-service solution allowing developers
to incorporate great search experiences into
applications without managing infrastructure or
needing to become search experts.
SQL DB vs SQL VM on Azure
• Both are running SQL Server engines
under cover
• (Comparison in details)
• Managed service vs customer
controlled environment
• Potential code change vs lift & shift
(feature compatibility)
• Scale-out vs Scale-up
• Volume and Cost
How To Move or Migrate SQL Server Workload to
Azure Cloud Services
• Right-Click Database in SQL Manager
for lots of ways to move/copy…
•
•
•
•
•
•
•
•
•
Detach
Backup / Restore
Generate Scripts…
Mirror
Extract Data-tier
Deploy to SQL Database
Deploy to Azure VM
Export Data
Copy Database
• Super Simple Step By Step…
• http://ITProGuru.com/sql2azure/
• Includes multiple versions of SQL
SQL Backup to Windows Azure Storage
Data-centric Application Design Fundamentals
 Performance
•
•
•
Workload driven design
Use cache for data and content
Batch together storage/database operations to reduce chattiness
 Scalability
•
•
Loosely coupled: asynchronous processing, decoupling of
tiers/components
Data partitioning/sharding
 Availability
•
•
Local and Geo replicas provide HA for data services
Design for failure and resilience (Failsafe)
 Cost
•
•
•
Trade-off between performance and cost
Storage cost vs development cost
Manageability cost
 Manageability
•
•
Backup/restore
Data movement and sync
•Storing TBs of structured data capable
of serving web scale applications
•Storing datasets that don't require
complex joins, foreign keys, or stored
procedures and can be denormalized for
fast access
•Quickly querying data using a clustered
index
Blob Storage Concepts
Cloud Data: Putting It All Together
 Backend Relational and non-relational data
options
 Cache’ing – think inline memory speed for
lists of data – ultra fast!
 Sharding – Split the database (reads and
writes) across any number of databases for
amazing scale and performance
 Document Storage –burden on super fast
storage subsystem instead of web
server/services
 Search almost anything; almost anywhere
by adding a Search building block
 Media streaming for infinite delivery … Last
two Olympic Games ran on Azure Media
Services
Sample Architecture
App / Web App
Back-End Services
Users
Pictures
Add’l Processing Can Be Inserted
and Offloaded (Worker)
Front-End Web
Services
Cache
Attachments
Search
Authentication
Media
Validation
Mobile
Confirmation
Display
Other
Encryption
Other Processing
Navigation
Authentication
SQL Data
Stateless
SQL Data
More Data
Other
40 Minutes
Create Web Server (WFE01)
Configure SQL Server (SQL01)
Build and Test Application Migration
http://www.windowsazure.com/en-us/pricing/calculator/
Cloud OS Network
For your hybrid datacenter solution
Global reach
Cloud OS consistency
Choice
Flexibility
1. Discover
2. Assess
3. Target
4. Migrate
Database backup
Backup and restore database
to the cloud
SQL Server Management Studio
Benefits
Reliable off-site data backup
for SQL images
Easily restore databases
using VMs
Windows Azure Backup
Backup datacenter data to Windows using
System Center Data Protection Manager
Backup and recover files/folders from Windows
Server 2012 SP1
Your On-Premises Datacenter
Benefits
Reliable offsite data protection
Simple, familiar, integrated
Efficient backup and recovery
Easy set up
Office 365
1. Discover
Your complete Office in the cloud
File sharing and collaboration
Business class email
Online conferencing
2. Assess
3. Target
4. Migrate
WFE
WFE
1
WFE
2
WFE
3
AppSvr
WAC
1
SQL
AD/DC/DNS
WAC
AD
2
1
APP
1
APP
2
SQL
1
AD
2
AD
1
APPS
DATA
DATA
Cloud Svc
SQL
2
VPN TUNNEL
WFE
4
LB
Cloud Svc
Virtual Network
Corp Users
On-Premise Network
1 Sign up
2 Install
3 Register (Certificate)
Agent
Agent
Agent
Agent
4 Set policy
5 Backup
Windows Server
2012
Data
Data
Data
6 Recovery (same server)
7 Recovery (alternate server)
End-to-End Disaster Recovery
Azure Site Recovery
Application Continuity
Apps
IIS
SQL
(SQL AlwaysOn, AD Replication, DFS-R,
RemoteApp, Office365)
Virtual Machine Replication
(Hyper-V Replica, InMage Scout)
Cross-Premises Networking
(Azure Virtual Networks, Site-to-Site VPN,
ExpressRoute)
Hyper-V Compute
Storage
Networks
Storage Backup, Snapshots &
Replication
(Azure Backup, StorSimple, Windows
Server vNext)
DR Orchestration
with
Azure Site Recovery
+
Azure Automation
30 Minutes
Configure Web Server (WFE01)
Build and Test Application Migration