azure track -03- it pros meet azure - again
DESCRIPTION
by Kristof Rennen, Mike Martin
IaaS in the public cloud, the final frontier. These are the voyages of the Enterprise IT team, its mission: to be as scalable and agile as possible. To achieve their mission goal they can use the new features of Microsoft Azure:
• Azure Files
• Azure RemoteApp
• the new VNET features and its big brother ExpressRoute
• and much much more
Don't forget: Azure goes to Infinity and … beyond!
TRANSCRIPT
IT Pros: Meet Azure... again!
Kristof Rennen, Mike Martin
Mike Martin
Who Am I
View more tips on my blog: http://techmike2kx.wordpress.com
Crosspoint Solutions
Where I Work
Architect, Windows Azure MVP, MEET, Insider
What I Do
Where To Find Me
A little more about me
Who am I?
Kristof Rennen
Solution Architect Cloud & Mobile at Cronos
Microsoft Most Valuable Professional
Microsoft Extended Experts Team Member
Windows Azure vTSP & Insider / Mobile Services Advisor
Member of Azug, the Belgian Windows Azure User Group
IaaS: Windows VMs, Linux VMs, Storage, Networking
PaaS: Web, Mobile, Gaming, Cloud Services
Data, Analytics, Media, Identity
The Azure platform
Microsoft Cloud infrastructure
Programming languages + tools: PowerShell, TFS + Git, Eclipse, .NET, Java, NodeJS, PHP, Python, Ruby
Greater than 1,000,000 SQL Databases in Azure
>25 TRILLION storage objects
>300 MILLION AD users
>13 BILLION authentications per week
>2.5 MILLION requests per second
Hyper scale: 16 regions worldwide in 2014
Enterprise grade
Corporate Assurance
Manageability
Security and Ecosystem
Trustworthy Compliance
Enterprise-Class Support
Disaster recovery
Cloud DR and HA
Corporate Assurance
Enterprise grade
Site recovery
DevOps
Development IDE
Management Integration
Manageability
Enterprise grade
Infrastructure Hybrid
Identity
Data
Infrastructure Hybrid
Identity Hybrid
Active Directory
Active Directory
Data Hybrid
Azure files
Import/export
Enterprise Grade IaaS
Development and DevOps
Management and System Center
Security and Ecosystem
DR and Networking
Enterprise Grade IaaS
Development
MSDN Offer for Dev and Test
Windows SQL Server and BizTalk
Special Images
BASIC VM Sizes for Dev, Test and Prod
Best value VMs
BYOLB and BYOAutoScale
BASIC.A1
$152.92 / year (8x5 work)
$91.52 / year (8x5 and MSDN)
MSDN Usage Options – Premium MSDN
24
100
Extending the power of your VM
Enable easier management
Support partner ecosystem
Full control still with you!
VM Extensions
IaaS, meet PaaS
Azure
Curated Extensions
Agent
Helper Extensions
BGInfo: Useful VM information added to the VM desktop
VM Access: Reset admin password, rename admin account, reset network configuration (coming)
Virtual Machine Manager: Use VMM configuration files on Azure VMs
RDMA Drivers: Enable low-latency networking on A8 and A9 VM sizes
Configuration
PowerShell Desired State Config: Use DSC to drive configuration
PowerShell OneGet: Finds and installs software packages; Chocolatey community repository
Windows Management Framework V5 Preview
configuration Main
{
    Import-DscResource -Module xWebAdministration

    # Install the IIS role
    WindowsFeature IIS
    {
        Ensure = "Present"
        Name   = "Web-Server"
    }

    # Install the ASP .NET 4.5 role
    WindowsFeature AspNet45
    {
        Ensure = "Present"
        Name   = "Web-Asp-Net45"
    }

    # . . . . . . . .

    # Create a new website
    xWebsite BakeryWebSite
    {
        Ensure       = "Present"
        Name         = "FourthCoffee"
        State        = "Started"
        PhysicalPath = "C:\inetpub\FourthCoffee"
        DependsOn    = "[File]WebContent"
    }
}
Demo Walkthrough: Publish to Blob
[Diagram labels: Configuration, BootStrapper, Azure Blob, CLIENT]
Demo Walkthrough: Configure Azure VM
[Diagram labels: Configuration, BootStrapper, Azure Blob, CLIENT, Script Extension, DSC Resources, Resource Gallery, AZURE VM, Parse]
WebDeploy: Easily deploy websites from Visual Studio directly to an Azure VM
Remote Debugging: Directly connect Visual Studio debugger to process in Azure VM
Development
Announcing Security and Ecosystem
Demo
Extensions and Visual Studio
Development and DevOps
Management and System Center
Security and Ecosystem
DR and Networking
Enterprise Grade IaaS
VM Images
VM Image
Captures all disks attached
Best effort disk consistency
Re-deploy as a new VM
Sysprep and non-Sysprep
OS Images (legacy)
Data Log
Demo
VM Images
System Center Management
[Diagram labels: External Load Balancer, Customer Network, Customer on premises, Back end, Front end, Internet, Microsoft Azure, Public VIP]
Microsoft Virtual Machine Converter 2.0
AzureServer VMDK
Server
Compute Intensive VM Sizes
Faster Processors
More Memory
Faster inter-connect
40Gbit/s RDMA NIC (Windows Only)

Name  Virtual cores  RAM
A8    8              56 GB
A9    16             112 GB
Growing our feature scale…
[Diagram labels: Azure Server, Scale Unit, Virtual Networking]
Demo
Compute Intensive VMs in a region-wide VNET
Development and DevOps
Management and System Center
Security and Ecosystem
DR and Networking
Enterprise Grade IaaS
Access control
BitLocker Encryption
SQL Data Encryption (TDE)
TrendMicro SecureCloud
Afore Solutions
Operation Audit
Security
Application and Data
Development and DevOps
Management and System Center
Security and Ecosystem
DR and Networking
Enterprise Grade IaaS
Transform the Datacenter
Orchestrated disaster recovery to a second site
Microsoft Azure Hyper-V Recovery Manager
[Diagram labels: Communication Channel; Replication channel: Hyper-V Replica; Primary Site: Windows Server; Recovery Site: Windows Server]
Communication and Replication
Microsoft Azure Site Recovery
Transform the datacenter
Orchestrated disaster recovery to a second site or to Azure
[Diagram labels: Communication Channel; Replication channel: Hyper-V Replica; Microsoft Azure Site Recovery; Primary Site: Windows Server; Recovery Site: Windows Server]
Key features include:
Automated VM protection and replication
Remote health monitoring
Customizable recovery plans
No-impact recovery plan testing
Orchestrated recovery when needed
Networking
• VNet-to-VNet Connectivity
• IP Reservation for VIPs
• Instance Level Public IP
• Internal Load-balancing
Enterprise Grade: Networking
VNet-to-VNet Connectivity
Cross-region VNET connectivity enabling communication to any Azure datacenter
For HA and DR, customers create virtual networks in different Azure regions
Before: Connect through Crop
VNet1 West Europe
VNet2 North Europe
One-to-one connection
VNet1 West Europe
VNet2 North Europe
Contoso HQ
Cross-subscription connectivity: Virtual networks in different subscriptions can securely communicate using private IP addresses
After: Direct VNet-to-VNet
Enterprise Grade: Networking
IP Reservation for VIPs & Instance Level Public IP
[Diagram labels: Internet, Reserved VIP, Microsoft Azure, Cloud Service - 1 (VM1, VM2), Cloud Service - 2 (VM3, VM4), LB IP: A.B.C.D]
1. IP reservation for VIPs: Reserve public IP addresses. Customers can own IP addresses and assign them to cloud services.
2. Instance-level Public IPs: Assign public IPs to VMs. Enables scenarios like FTP services, monitoring VMs by IP, etc.
Internal Loadbalancing
Enterprise Grade: Networking
[Diagram labels: External Load Balancer, Customer Network, Internal Load Balancer, Customer on premises, Back end, Front end, Internet, Microsoft Azure, Internal VIP, Public VIP]
Internal Loadbalancing:
Loadbalance VMs without public facing endpoints
Enables load balancing among VMs with private IP addresses
Load balanced endpoint accessible only by customer’s virtual and on-premises networks or just within the cloud service
Demo
Networking Features
Hybrid IaaS
Hybrid: Networking
• Express Route GA
• Multiple Site-to-Site VPN
Virtual network and ExpressRoute
Connect via an encrypted link over public internet
Peer at an ExpressRoute location, an Exchange Provider facility
Connection from WAN provided by Network Service Provider. Azure becomes another site on the customer’s WAN.
IPsec VPN over internet
Exchange provider
Network service provider
Customer DC
Virtual Network—Compute only.
ExpressRoute—Provides customer choice and includes access to compute, storage, and other Azure services.
[Diagram labels: ExpressRoute partner location, Customer site 1, Customer site 2, Customer site 3, WAN, Public internet, Customer site, Microsoft Azure]
Multiple Site-to-Site VPN
Hybrid: Networking
Multiple Site-to-Site connections
Multiple on-premises sites connect to same virtual network
Customer may have geographically dispersed locations
VNet1 US West
VNet2 East Asia
Contoso NorthAm HQ (10.0.0.0/16)
Contoso East Asia (10.3.0.0/16)
Connect to multiple on-premises locations
Azure Files
Azure VM
SMB 2.1
The Azure Storage System (3 copies)
Shared Settings, Diagnostic Share
Lift and Shift Applications
[Diagram labels: Azure VM, Azure VM, Azure Files]
Demo
Azure Files
Hybrid Application Landscape
RemoteApp Cloud Deployment
• Office 2013 ProPlus preinstalled
• Rapid provisioning: apps quickly available
• Automatic maintenance: OS and apps always up-to-date, Microsoft anti-malware
• Users can log on with Microsoft Account or with corporate credentials federated with Azure AD
RemoteApp Hybrid Deployment
• Apps, OS and settings are fully customizable
• IT can manage template images and apply updates via Azure Portal
• Full access to on-premises network
• User logon with corporate credentials federated with Azure AD
Two Deployment Choices
Server 2012 R2 Session
Virtualization
Dynamic Scalability
RemoteApp Cloud Deployment
[Diagram labels: RemoteApp Service; Pre-built template image, automatically maintained; Published Apps; Session Hosts; Elastic Runtime; Persistent user data (50GB per user); Microsoft Account; Azure Active Directory; On-premises Network; Windows Server Active Directory; DirSync (optional); RDP; Identity Options; Authentication]
Hybrid Cloud Deployment
Hybrid Management
Hybrid Networking
Federated Identity
• Core technology: Azure Virtual Networking with Site-to-Site VPN
• RemoteApp Virtual Networks build on Azure networking to seamlessly access on-premises resources
• Core technology: Azure Active Directory with DirSync
• RemoteApp leverages Azure AD to control user access and enable Single Sign-On
• Core technology: Windows Server Active Directory on-premises
• RemoteApp hybrid resources are domain-joined and conform to on-premises policies
Patching and Updates
Cloud Deployment: Automatically maintained
Latest OS and application updates rolled out on an ongoing basis
Always the latest Microsoft Office 2013 ProPlus
Hybrid Deployment: Updates under IT Control
Ongoing updates: Running RDSH VMs can be updated with GP, WSUS, SC, and other management tools from on-premises.
Image-based updates: You can upload a new template image and apply it to a RemoteApp service instance. Update will be rolled out automatically.
RemoteApp Hybrid Deployment
[Diagram labels: RemoteApp Service; Session Hosts; Elastic Runtime; Persistent user data (50GB per user); Azure Active Directory; RDP; Authentication; Custom template image, maintained via Azure Portal; Corporate Apps; Published Apps; On-premises Network; Windows Server Active Directory; LOB; Files; Azure VPN; Domain Joined; DirSync]
Subject to IT policy via GP, System Center, or other enterprise management tools
RemoteApp Cloud Deployment
• Windows apps from Microsoft as a turn-key, scalable, globally available service
RemoteApp Hybrid Deployment
• Your corporate apps as a service that can be accessed from anywhere
Two Deployment Choices Compared
Server 2012 R2 Session
Virtualization
Dynamic Scalability
Features
Price (per user): Free during preview
Windows Server version: Windows Server 2012 R2
Remoting Protocol: RDP 8.1
Microsoft Office Professional Plus 2013
Bring your own applications
Device platforms: Windows 7/8.x, iOS, Android. Coming soon: Windows Phone, Windows RT, Mac OS X
Microsoft Account support
Federated Identity with Active Directory
Integration with On-Premises IT Infrastructure
Storage (per user): 50 GB
Initial capacity at preview: 20 users per Azure account. Customers can request additional capacity during the preview.
Regions: US East, US West, Europe North, Europe West, Asia Pacific East, Asia Pacific Southeast
All the latest announcements
Generally Available
• ExpressRoute
• Multiple Site-to-Site
• In-Region and Cross-Region VNET
• Compute-intensive A8 & A9
• IP Reservation for VIPs
• Microsoft Azure Import/Export
• Azure Managed Cache Service
• Traffic Manager External End Points
• Azure Store (EA only)
• BizTalk Server 2013 R2 launch
• Linux distributions phone support
• PowerShell Script Deployment
• Ecosystem Security
• Windows Client in MSDN
Preview
• Instance level Public IPs
• Azure Redis Cache Service
• RemoteApp
• Internal Loadbalancing
• Azure File
• Azure API Management
• BizTalk Hybrid Connections
Coming Soon
• Site Recovery
And take home the Lumia 1320
Present your feedback form when you exit the last session & go for the drink
Give Me Feedback
Follow Technet Belgium: @technetbelux
Subscribe to the TechNet newsletter: aka.ms/benews
Be the first to know
Belgium's biggest IT PRO Conference