Introduction to Azure Infrastructure as a Service (IaaS)
Azure
On-Premises Datacenter
Operational cost model
~4x normal load
(Holiday shopping)
~10x normal load
(Tax season)
Operational cost model
Rate of Innovation
Offline Operations
Remote Debug Tag Expressions
Site to Site Virtual Network Stop without Billing
Xamarin integration
Traffic Manager Large Memory
SKU
Hyper-V Recovery
Cloud
Services
SDK
2.0
SQL, SharePoint, BizTalk Images HDInsight
Mercurial Deployment
Windows Phone Support
Partitioned Queues/Topics
Distributed Cache Scheduler
Remote Desktop Log Streaming
AutoScale Per Minute Billing Android Dynamic
Support
IaaS Active Directory
HTML 5/CORS
IP and SNI SSL
Custom Mobile API
BizTalk Services
Hyper-V Disaster Recovery Support
Last 12
months
MSDN Dev/Test
Integration Storage Analytics
http Logs to Storage
IP/DDOS Protection
Multi-Factor Auth
http Logs to Storage
Dynamic Remote Desktop
WebSockets AMQP Support
Delete
Disks
iOS Notification Support
New VM Gallery
VIP ACLs
Read-Only Secondary Storage
PowerBI
Queue
Geo
Replication
Windows Server Backup
Mobile Services
Manage Azure in AD New Relic
Notification Hubs
Git Source Control
Windows 8
B2B/EDI
AD Management Portal CORS/JSON Storage Support AD Directory
and EAI Adapters
VOD Streaming + Encoding
AutoScale/Monitoring
Web Sites
Point to Site
Media Services
Message Pump Programming Model
Sync
Notification Support
Software VPN
VS Online
Import/Export Hard Drives
Operational cost model
Rate of Innovation
Global coverage
Azure footprint
Azure datacenter regions
Virtual Networks
Forced Tunneling
RBAC
Trust and Control
Multiple vNICs
IP ACLing
Subnet ACL’ing
Azure Virtual Machine
C:\
OS Disk
Disk Cache
D:\
Temporary Disk
(Contents can be lost)
E:\, F:\, etc.
Data Disks
Defend against regional disasters
East DC
> 400 miles
Geo replication
West DC
Azure Virtual Machine
C:\
OS Disk
Disk Cache
D:\
Temporary Disk
E:\, F:\, etc.
Data Disks
G:\, H:\, etc.
SMB Share
SMB 2.1
Shared settings, diagnostic share
Lift and Shift Applications
Azure VM
Azure VM
Azure VM
Up to 32 TB of storage per VM
>50,000 IOPS per VM
Less than 1ms read latency
Captures all disks attached
Best effort disk consistency
Re-deploy as a new VM
Sysprep and non-Sysprep
A
Highest value VM Size
Basic and Standard Sizes
General Purpose and High Memory
High Performance A8/A9 (RDMA)
D
60% faster CPU
Up to 112 GB Memory
Local SSD storage
G
Optimized for data workloads
Up to 32 CPU cores, 448 GB RAM,
6.5 TB local SSD
Latest generation Intel processor
SLA High Availability
Hardware and Software
Windows and Linux
SLA 99.95
Internal and External
TCP/UDP
ACLs, Client Affinity
Custom HTTP Probe
Internet
Public
Internal
IP
IP
Customer Network
InternalVIP
Internal
Front end
IP
Back end
Define Subnets, Private IPs, DNS
SSL Based Connectivity
VPN Device Connectivity
Partner ExpressRoute
On-premises
GW
VPN
Azure
Automation
Operation Insights
Ops DevOps
Migration and DR
Identity
Automate Operation Tasks
PS runbooks and community
Triggered by schedule / event
Highly Available Engine
Manage, Search and Build Insights
Log Management and analysis
Monitor, troubleshoot, store
Direct DSC and PowerShell
Octopus Deploy
Visual Studio RM
Chef and Puppet
InMage Migration to Azure
Azure Site Recovery
Recovery Plan and Test Failovers
Create and Debug a VM
Launch MSDN specific images
33% to 99% savings
Docker on Linux
Docker Client and Docker Hosts
Docker Hub on Azure (Coming soon)
A Growing Marketplace
Ubuntu
Oracle Linux
SUSE
CentOS-Based
CoreOS
Community
Cameras / Alarms
Secure By Design
24X7 security staff
Operation Security Controls
Barriers / Fencing
Compliance Certifications
Two-factor access control
Penetration Testing
Days of backup power
Forensics
Secure and Isolated VNets
Subnet ACLs
Forced Tunneling
Security Appliances
Multiple virtual NICs
Anti-Malware
VM Security Extensions
Role-Based Access Controls
Logging / Auditing
Encrypted VHD Boot
Infrastructure: Compliance
Information security standards
Effective controls
Government & industry certifications
ISO 27001
SOC 1 Type 2
SOC 2 Type 2
FedRAMP/FISMA
PCI DSS Level 1
UK G-Cloud
HIPAA/HITECH
VPN
Reserve and Reuse an IP
Assign full port range of an IP
FTP services and Monitoring
53.0.0.1
VM3
VM1
VM4
VM2
Cloud Service
Front End (App) Tier
Virtual Network 1
Internet
Subnet ACL 10.0.0.4
Middle (Logic) Tier
Virtual Network 2
Subnet ACL 10.0.0.5
Virtual Network 3
Backend (Database) Tier
On-Premises Datacenter
VPN ACL 10.0.0.6
Cloud Service
Front End (App) Tier
Virtual Network 1
Internet
Middle (Logic) Tier
Virtual Network 2
Virtual Network 3
Backend (Database) Tier
On-Premises Datacenter
Forced Tunnel
Security Partnerships
Roles
• Collection of Permissions
• Action + Resource Type
• Built-in Roles
• Owner
• Contributor
• Reader
Role Assignments
• Subject
• AD User
• AD Security Group
• Scope
• Subscription
• Resource Group
• Resource
Active Directory
Access Inheritance
Directory
Subscription
Resource Group
Resource
Customers
Game sessions hosted using Azure
Hosted using >100,000 Azure Virtual Machines
Hybrid, Enterprise Grade, Hyper-Scale
Bringing our Cloud to you!
Agility, Time-to-Market, TCO
At any scale, at any time
http://aka.ms/msarch
facebook.com/microsoftazure
http://azure.microsoft.com/blog/
@CoreySandersWA
http://technet.microsoft.com/library/dn765472.aspx
http://technet.microsoft.com/en-us/library/hh546785.aspx
http://www.microsoft.com/en-us/server-cloud/products/windows-azure-pack
http://azure.microsoft.com/en-us/
http://channel9.msdn.com/Events/TechEd
www.microsoft.com/learning
http://microsoft.com/technet
http://developer.microsoft.com