Business Continuity in the Windows Azure CloudYousef A. KhalidiDistinguished EngineerMicrosoft Corporation

AZR203

Session Objectives and Takeaways

Session Objectives: Understand business continuity support provided by Windows AzureLearn methods to maintain application availability

Key Takeaways:Windows Azure provides highly-available and geo-distributed infrastructureYou have to architect your app for high availabilityYour SLA requirements and budget constraints will dictate the solution

Cloud + Business Continuity

Some things changeNew trust relationships

Plan for failure at multiple levels

Design to operate seamlessly through failures

A new option for the disaster recovery site

And some remain the sameYour business goals

Your availability and recovery objectives

What can you expect from the platform?

How can you make your application highly available?

The Big Picture

Platform PreparednessPreventing and recovering from outages

Platform Services Optional availability services your applications can leverage

Application ArchitectureDesign your application to meet your availability goals

What We Do to Protect the Platform

Windows Azure World-Class By Design

State-of-the-art security and access controlWorld-class data centers - redundant power, climate control, and fire prevention and suppression

Leading innovator in power efficiency

Multi $billion cloud infrastructure

PhysicalFeatures

Geo-Distribution

Platform Availability and Security

Complianceand DR

Multiple data centers in different geographies

Local and geo-replication

Redundant platform services and failover

99.9% uptime, financially-backed SLAs

Highly available platform services

Service isolation over virtualized compute and network

Clear boundaries and multiple lines of defense

Physical facilities have broad compliance certifications

Service-level compliance on near-term roadmap

Preparedness, testing, refinement

Highly Available Infrastructure

RedundancyDuplicate copies of all dataNo single point of failure platform servicesRedundant network switches, routers, etc.

PartitioningMany separate compute and storage stampsSeparate fabric controller and related services for each stamp

Optimized for MTTRExpect and recover from failures quickly

North America Region Europe Region Asia Pacific Region

Major datacenter

CDN node

Windows Azure Global Presence

N. Central – U.S. Sub-Region

S.E. AsiaSub-Region

E. AsiaSub-Region

N. Europe Sub-Region W. Europe Sub-Region

S. Central – U.S. Sub-Region

East – U.S. Sub-Region

West – U.S. Sub-Region

Platform-Level DR Preparedness

Capacity management

Extra capacity reserved in each datacenter for DR purposes

“N+1” model for failover

Testing, simulations and process refinements

Platform meta state

Stored in storage system

Frequently check-pointed, backed-up and geo replicated

On-going investment in disaster preparedness

Platform Services You Can Leverage

Platform Services

A set of building blocks

BLOB and TableGeo-replication

SQL AzureDB Copy

Traffic Manager CTP

Application Health Management

North Central US

South Central US

North Europe

West Europe

East Asia

South East Asia

WA Storage Geo-ReplicationData geo-replicated across data centers hundreds of miles apart

Turned on right now for Blob and Table data

Provides data durability in face of major data center disasters

Data geo-replicated within regions only

User chooses primary location during account creation

Other datacenter in region is the secondary location

Asynchronous geo-replicationOff critical path of live requests

Geo-replication

WA Geo-Failover

Existing URL works after failover

Failover Trigger – failover would only be used if primary could not be recovered

Asynchronous Geo-replication – may lose recent updates during failover

Typically geo-replicate data within minutes

South Central US

NorthCentral US

Failover

Hostname IP Address

account.blob.core.windows.net

South Central US

Updating…

South Central US

Azure DNS

Updating IP Address

New IP Address

North Central US

Location of Customer Data

Customers may specify the geographic region in which their Data will be stored

Asia: East and Southeast Europe: North and WestUnited States: North Central, South Central,East, West

Microsoft will not transfer Customer Data outside the major geographic region(s) customer specifies (for example, from Europe to U.S. or from U.S. to Asia) except:

Where the customer configures the account to enable this, e.g., through use of the Content Delivery Network (CDN) featureWhere necessary for Microsoft to provide customer support, to troubleshoot the service, or comply with legal requirements

Microsoft does not control or limit the regions from which customers or their end users may access Customer Data

Microsoft may transfer Customer Data

within a major geographic region (e.g., within Europe) for data redundancy or

other purposes

SQL Data Sync

Goals of Data SyncSynchronization of data between SQL Server databases and SQL Azure databases

Synchronization of data between two or more SQL Azure databases

ChallengesPreservation of transaction boundaries

Some schemas are not supported

No support for multiple versions

Sync

SQL Azure

SQL Azure HA Recommendations

Enable resiliency by app re-try logic

Enable point in time recovery by maintaining several snapshots

Convert to BACPAC and blobs to minimize storage cost

Enable geo-redundancy by exporting BACPAC(s) into multiple datacenters

Consider using blob geo-replication to minimize storage and bandwidth cost

User initiated geo-replication

Automatic replication and synchronization

Optional RPO enforcement

Read-only geo-secondary

Multiple geo-secondaries

User-controlled termination for failover

Roadmap: Evolution of HA in SQL Azure

Backup to attached storage

Highly available

Restore to new database

Any point in time within retention period

Roadmap: Point in time recovery

P

S

S

P

Windows Azure Traffic ManagerLoad balance user traffic across hosted services running in same or different datacenters to build globally available, high performing apps

HostedService

HostedService

HostedService

• Load-balancing• Endpoint

monitoring

www.foo.com

foo.trafficmgr.cloudapp.net

CNAME

Policies

DNS based traffic management based on policies: Performance, Round- robin, Failover

Improve app performance by serving user requests with services ‘closest’ to them

Improve app availability by automatically failing over when a service goes down

Architecting Your App for High Availability

Deploy to multiple regions

Route traffic intelligently with Traffic Manager Synchronize data

Application Design Best Practices

“Performance” policy for active-active

“Failover” policy for active-passive

SQL Azure Backup and Data Sync

Other storage (custom-built replication)

Specify locations of compute and storage resources

Capacity and app arch considerations

Consider Your Application Portfolio

Mission critical

High impact

Low impact

Application Design Patterns

Redeploy on failureSingle data center deployment

Everything ready for redeploy

Capacity as available

Active / passiveSingle data center active

Staged in additional data center(s)

Reserve capacity, scale as needed

Active / activeMultiple data centers active

Use all of what you reserve

Optimize connections for performance

Plan it, test it

AssetsPeopleProceduresConnectionsDependencies

Balance

CostComplexityRecovery timeRecovery pointReserved capacity

Ideal Approaches

Mission critical

High impact

Low impact Redeploy on Failure

Active/Passive

Active/Active

Things To Think About

Logic that needs to be site/instance-aware

Availability objectives versus costCold/warm/hot standby

Synchronous or asynchronous replication, tolerance for loss

What components can be distributed and stateless?

Important Considerations

Data stored in Windows Azure blobs and tables is automatically replicated to peer data center

Can't access remote data until storage failover is complete

Microsoft decides when the failover occurs

Other data and applications are not replicated and do not automatically failover between data centersMaintain deployments in secondary data center to guarantee capacity

Using Windows Azure as a Disaster Recovery Site

Run VMs in cloud or on-premises

Periodically back up VHDs in blob storage

Launch VMs in the cloudConsider application architecture and dependencies

AD, databases, other services

Use Windows Azure for data backup

SQL Azure Sync

Backup data to blob store

3rd party appliances

Using Windows Azure as Online Backup with Windows Server 2012

Inbox EngineInbox UI

Windows Server 2012 Backup (Extensible)

Windows Server 2012

3rd Party Cloud

Microsoft OnlineBackup Service

3rd Party OnlineBackup Service

Microsoft OnlineBackup Portal

Sign up & Billing

IT Adminor VAP

IT Adminor VAP

RegistrationRegistration

Back

up

/Rest

ore

Back

up

/Rest

ore

Sign up & Billing

Comprehensive Compliance Framework

ISO/IEC 27001:2005 certification

Certification and Attestations

SSAE 16 attestations

Predictable Audit ScheduleControls Framework

Payment Card Industry Data Security Standard Health Insurance Portability and Accountability Act

Industry Standards and Regulations

Media Ratings Council Sarbanes-Oxley, GLBA, etc.

Test effectiveness and assess riskAttain certifications and attestationsImprove and optimize

Examine root cause of non-complianceTrack until fully remediated

Identify and integrateRegulatory requirementsCustomer requirements

Assess and remediate Eliminate or mitigate gaps in control design

More Information: Windows Azure Trust Centerhttp://www.windowsazure.com/en-us/support/trust-center/

One location to aggregate content across Security, Privacy, and Compliance

Summary

Multi-level failure handling built into Windows Azure platformPlatform provides you building blocks to use in your appYou have to architect your app for high availability

Availability objectives versus costDesign to operate seamlessly through failures

Windows Azure continues to invest in high availability

Related Content

Find Me Later At the TLC

Track Resources

Meetwindowsazure.com

@WindowsAzure @teched_europe

DOWNLOAD Windows Azure

Windowsazure.com/teched

Hands-On Labs

Resources

Connect. Share. Discuss.

http://europe.msteched.com

Learning

Microsoft Certification & Training Resources

www.microsoft.com/learning

TechNet

Resources for IT Professionals

http://microsoft.com/technet

Resources for Developers

http://microsoft.com/msdn

Evaluations

http://europe.msteched.com/sessions

Submit your evals online

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to

be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS

PRESENTATION.