Take enterprise virtualization to the next level

Upload: hilary-shaw

Post on 29-Jan-2016


TRANSCRIPT

Page 1: INFRASTRUCTURE The Azure Platform Strategy Microsoft Azure Stack & Cloud Platform System Security & Management SaaS (Software as a Service)

Take enterprise virtualization to the next level

Name, Area, Role

Page 2:

Agenda
• Where are we in Datacenter Evolution?
• Cloud: concerns vs. opportunities
• Learn how to take back control from Shadow IT

Page 3:

Introduced virtualization platform/management

Industry-leading scale and performance

Azure as design point

Windows Server 2008 R2

System Center 2007 R3

Windows Server 2012

System Center 2012

Windows Server 2012 R2

System Center 2012 R2

Microsoft Azure

Looking back

Page 4:

A leader in Gartner magic quadrants

Microsoft only leader in all four magic quadrants

• x86 Server Virtualization [1]
• Public Cloud Storage Services [2]
• Cloud Infrastructure as a Service [3]
• Enterprise Application Platform as a Service [4]

[1] Gartner “x86 Server Virtualization Infrastructure,” by Thomas J. Bittman, Philip Dawson, Michael Warrilow, July 14, 2015; [2] Gartner “Public Cloud Storage Services,” by Raj Bala, Arun Chandrasekaran, June 25, 2015; [3] Gartner “Magic Quadrant for Cloud Infrastructure as a Service,” by Lydia Leong, Douglas Toombs, Bob Gill, May 18, 2015; [4] Gartner “Enterprise Application Platform as a Service,” by Yefim V. Natis, Massimo Pezzini, Ross Altman, Rob Dunie, Anne Thomas, Kimihiko Iijima, March 24, 2015.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Page 5:

EVOLUTION OF DATACENTER

EFFICIENCY

CLOUD-FIRST

APPLICATIONS AND SERVICES

INFRASTRUCTURE

How much remains un-virtualized?

Why is the business using shadow IT?

Why is my CIO looking at agile alternatives?

Why is investment in apps growing so much faster than IT?

We want you to be at the center of application innovation

Page 6:

Opportunity to rethink your datacenter: Think services, not servers

Traditional datacenter
• Tight coupling between infrastructure and apps
• Expensive, vertically integrated hardware
• Silo-ed infrastructure and operations
• Highly customized processes and configurations

Cloud Model
• Loosely coupled apps and micro-services
• Industry-standard hardware
• Service-focused DevOps
• Standardized processes and configurations

Page 7:

Introduced virtualization platform/management

Industry-leading scale and performance

Azure as design point

Cloud-first innovation: Infrastructure and application platform

Windows Server 2008 R2

System Center 2007 R3

Windows Server 2012

System Center 2012

Windows Server 2012 R2

System Center 2012 R2

Microsoft Azure

Windows Server 2016

System Center 2016

Microsoft Azure

Looking ahead

Page 8:

Cloud-inspired infrastructure

Powered by Windows Server, Hyper-V, System Center, and Azure

Compute, Storage, Network

Platform Services

INNOVATION: Continuous Improvement Delivers Rapid Innovation Everywhere…

The Azure Platform Strategy

[Diagram labels: Microsoft Azure (Public, Global, Shared Datacenters); Public Cloud Platform; Azure Global Datacenters; Microsoft Azure Stack & Cloud Platform System; Your Datacenter Infrastructure; Platform Services; Infrastructure Services; Compute, Storage, Network; Windows Server, Linux; Security & Management; Hybrid Operations; SaaS (Software as a Service): O365, CRM, VSO etc… + 3rd Party SaaS Solutions]

Page 9:

What’s on your mind today?

How can I empower next-gen apps/services for my app owners?

How can I protect my datacenter assets from emerging threats?

How can I deliver on what my mission-critical apps need?

Page 10:

How can I empower next-gen apps/services for my app owners?

How can I protect my datacenter assets from emerging threats?

How can I deliver on what my mission-critical apps need?

Deploy enterprise-grade virtualization and IaaS platform

Highest levels of scale, performance, and reliability

• Rolling upgrades
• Storage QoS
• Guest clustering enhancements
• Best-in-class support for Linux
• Centralized management

Page 11:

Windows Server 2012 R2 Hyper-V

High performance live migration (compression/RDMA)

Zero downtime upgrades

Automatic VM Activation

Live VM export

App consistent guest backup

Enhanced VMConnect

Dynamic memory host balancing

First class Linux support – Dynamic memory, file system consistent host based backup

RemoteFX over WAN

Generation 2 Virtual Machines

Secure boot in a VM

User defined meta data for VHDX

PowerShell for all Hyper-V operations

Hyper-V Metrics

Shared nothing live migration

Hyper-V over SMB

Hyper-V over Spaces & ReFS

64 VP, 1 TB Monster VMs

SR-IOV for 10+GB networking

64TB VHDX

Hyper-V Replica

Network Virtualization

USB redirection over RemoteFX vGPU

Hot add/remove of storage

VHDX resiliency

Dynamic & differencing VHDX performance improvements

384 LP, 4TB physical system

2+ Million IOPS to a single VM

Resource Pools

NUMA in a VM

1024 running VMs on a host

High performance auto tiered storage spaces

Write back cache with spaces

Storage QoS

Shared VHDX for guest clustering

VHDX online resize

Storage deduplication with live VMs for VDI

Hyper-V Recovery Manager (Microsoft Azure Site recovery)

Azure Backup

Inbox multi-tenant site-to-site VPN gateway for physical & virtual networks

Protected VM Networks/Virtual RSS

Enhanced LBFO performance with NIC teaming

Hyper-V Extensible Switch

4K Sector support

Page 12:

Confidently virtualize anything: On-premises or Azure

Customers require: Quick time-to-value, Enterprise-grade reliability, Heterogeneous flexibility

Page 13:

Confidently virtualize anything: On-premises or Azure

Customers require: Quick time-to-value, Enterprise-grade reliability, Heterogeneous flexibility

Microsoft software-defined compute

Frictionless “cloud-cadence” infrastructure upgrades
• Rolling upgrades without downtime [no new hardware needed]
• Mixed-mode clusters

Best-in-class support for Linux on Hyper-V
• Broad distro support, including: RHEL, SLES, Ubuntu, CentOS
• Networking performance: hot add/remove vNIC & in-guest vRSS

Benchmark-setting scale, performance, and resilience
• Mission-critical scale: SQL, Exchange, SharePoint, SAP, Oracle
• High-performance: Live migration & Storage QoS
• Maximum availability: Guest clustering

Page 14:

Confidently virtualize anything: On-premises or Azure

Microsoft software-defined compute

Frictionless “cloud-cadence” infrastructure upgrades
• Rolling upgrades without downtime [no new hardware needed]
• Mixed-mode clusters
• Hot Add/Remove Memory & vNIC
• RDMA & PacketDirect (100Gb Ethernet…)

Best-in-class support for Linux on Hyper-V
• Broad distro support, including: RHEL, SLES, Ubuntu, CentOS
• Networking performance: hot add/remove vNIC & in-guest vRSS

Benchmark-setting scale, performance, and resilience
• Mission-critical scale: SQL, Exchange, SharePoint, SAP, Oracle
• High-performance: Live migration & Storage QoS
• Maximum availability: Guest clustering

Page 15:

Optimize workload availability and performance

Resilience to transient storage/network failures
Designed for cloud-scale environments, this helps preserve VM session state in the event of transient storage or network disruptions.

Guest cluster availability enhancements
Online resizing, host-level backups, and Hyper-V Replica support

Effectively control workload performance with built-in Storage QoS
Simple out-of-the-box behavior that mitigates “noisy neighbor” issues. Highly customizable via policy, deliver granular performance guarantees on a per-VM or per-tenant basis. Fully automated via System Center/PowerShell.

[Diagram labels: Hyper-V cluster; Node 1; Node 2; Storage resilience; VHD; Hyper-V]

Page 16:

Best-in-class Linux support on Hyper-V

Broad support: Run Red Hat, SUSE, OpenSUSE, CentOS, Ubuntu, Debian and Oracle Linux, with full support.

Increased utilization: Run Windows and Linux side-by-side, driving up utilization and reducing hardware costs.

Enhanced networking: Highest levels of networking performance in Linux guests with virtual Receive Side Scaling (vRSS) support.

Storage enhancements: Hot-add and online-resize of storage for enhanced administration flexibility.

Better protection: Better-than-physical backup support for virtualized Linux guests on Hyper-V.

Simplified management: Single experience for managing, monitoring, and operating the infrastructure.

Spotlight capabilities

Hyper-V

Page 17:

How can I empower next-gen apps/services for my app owners?

How can I protect my datacenter assets from emerging threats?

How can I deliver on what my mission-critical apps need?

Deploy enterprise-grade software defined storage in Server 2016

Highest levels of scale, performance, and reliability

Page 18:

Microsoft Software-Defined Storage (SDS)

Today’s solution with Windows Server 2012 R2 and System Center 2012 R2

• Performance and scalability with SMB3 File Storage network
• Primary application data storage on cost effective, continuously available, high performance SMB3 file shares backed by tiered storage spaces
• Continuous availability and seamless scale-out with Scale-Out File Server
• Elastic, reliable, optimized with tiered storage spaces
• Low cost standard volume hardware
• Unified storage management with System Center

[Diagram labels: HYPER-V CLUSTER; SMB3 storage network fabric; SCALE-OUT FILE SERVER CLUSTER; Storage spaces; SHARED JBOD STORAGE; System Center; numbered callouts 1 to 5]

Page 19:

NEW: Storage Spaces Direct

Software defined storage for private cloud using industry standard servers with local storage

Reliability, scalability, flexibility
• Fault tolerance to disk, enclosure, node failures
• Scale pools to large number of drives
• Simple and fine grained expansion
• Fast VM creation and efficient VM snapshots

Use cases
• Hyper-V IaaS storage
• Storage for backup and replication targets
• Hyper-converged (compute and storage together)
• Converged (compute and storage separate)

Cloud design points and management
• Standard servers with local storage
• New device types such as SATA and NVMe SSD
• Prescriptive hardware configurations
• Deploy/manage/monitor with SCVMM, SCOM & PowerShell

[Diagram labels: SCALE-OUT FILE SERVER CLUSTER; HYPER-V CLUSTER(S); SMB3 STORAGE NETWORK FABRIC]

Page 20:

Storage Spaces Direct – Deployment Choice

Hyper-converged
• Compute and Storage resources together
• Compute and Storage scale and are managed together
• Typically small to medium sized scale-out deployments

Converged (Disaggregated)
• Compute and Storage resources separate
• Compute and Storage scale and are managed independently
• Typically larger scale-out deployments

[Diagram labels: HYPER-V CLUSTER; HYPER-V CLUSTER(S); SMB3 STORAGE NETWORK FABRIC; SCALE-OUT FILE SERVER CLUSTER]

Page 21:

Storage Quality of Service (QoS) – Greater efficiency

Control and monitor storage performance

Flexible and customizable
• Policy per VHD, VM, Service or Tenant
• Define Minimum & Maximum IOPs
• Fair distribution within policy

Simple out of box behavior
• Enabled by default for Scale Out File Server
• Automatic metrics (normalized IOPs & latency) per VM & VHD

Management
• System Center VMM and Ops Manager
• PowerShell built-in for Hyper-V and SOFS

[Diagram labels: Scale-out File Server Cluster; Hyper-V Cluster; Virtual Machines; I/O Sched (×3); Policy Manager; Rate Limiters (×4); SMB3 Storage Network Fabric]

Page 22:

Cluster OS Rolling Upgrade

Mixed OS mode is a new transition state for Failover Clusters
• Optimizations don’t run
• New features are not available
• Do not plan on running your cluster in Mixed OS Mode for longer than one month

[Diagram labels: Windows Server 2012 R2 Failover Cluster; Mixed OS Mode 2012 R2 & 2016 Failover Cluster; Windows Server 2016 Failover Cluster; System Center 2016]

Page 23:

Cluster OS Rolling Upgrade Process

Start with a Windows Server 2012 R2 cluster
• All nodes running Windows Server 2012 R2
• The workload supports Cluster OS Rolling Upgrade process

[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2012 R2 (×5)]

Page 24:

Cluster OS Rolling Upgrade Process

Migrate Workloads Off Cluster Node
• Pause | Drain the node

[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2012 R2 (×5)]

Page 25:

Cluster OS Rolling Upgrade Process

Evict Idle Cluster Node

[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2012 R2 (×5)]

Page 26:

Cluster OS Rolling Upgrade Process

Re-Provision Node
• Install New OS
• Install and Configure any Workload Requirements

[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2012 R2 (×4), Windows Server 2016 (×1)]

Page 27:

Cluster OS Rolling Upgrade Process

Re-Add Node To Cluster
• Using Cluster UI or PowerShell
• Cluster Functional Level Remains Windows Server 2012 R2

[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2012 R2 (×4), Windows Server 2016 (×1)]

Page 28:

Cluster OS Rolling Upgrade Process

Ready To Migrate Workloads Back
• Migrate workloads to Windows Server 2016 Node
• Validate functionality

[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2012 R2 (×4), Windows Server 2016 (×1)]

Page 29:

Cluster OS Rolling Upgrade Process

Repeat For Remaining Nodes

[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2016 (×4), Windows Server 2012 R2 (×1)]

Page 30:

Cluster OS Rolling Upgrade Process

All Nodes Are Upgraded
• Cluster Functional Level remains Windows Server 2012 R2
• Functionality is limited to Windows Server 2012 R2 levels
• Still possible to add a Windows Server 2012 R2 node to the cluster

[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2016 (×5)]

Page 31:

Cluster OS Rolling Upgrade Process

Upgrade Functional Level
• Cluster Functional Level upgraded To Windows Server 2016: Update-ClusterFunctionalLevel cmdlet
• New functionality added in Windows Server 2016 enabled
• No longer possible to add a Windows Server 2012 R2 node to the cluster

[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2016; node labels: Windows Server 2016 (×5)]

Page 32:

Cluster OS Rolling Upgrade Process

Upgrade is completed

[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2016; node labels: Windows Server 2016 (×5)]

Page 33:

Cluster OS Rolling Upgrade: Implementation
• Cluster components are versioned: ClusterFunctionalLevel property
• 2016 nodes can join a Windows Server 2012 R2 Cluster
• User-driven PowerShell cmdlet to upgrade the cluster: Update-ClusterFunctionalLevel
• All cluster resources receive upgrade notifications
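
The drain, evict, re-add and functional-level steps on pages 23 to 33 can be scripted with guard rails around the final step. The following is an added example, not code from the deck or from Microsoft. The function names are hypothetical, the numeric functional levels (8, 9) and node major versions (6, 10) are assumptions stated in the comments, and the sample nodes are constructed.

```powershell
# Added example (not from the deck): state check and guard rails for a
# Cluster OS Rolling Upgrade. All function names are hypothetical.
# Assumed values: ClusterFunctionalLevel 8 = Windows Server 2012 R2,
# 9 = Windows Server 2016; node MajorVersion 6 = 2012 R2, 10 = 2016.
$script:LevelNew = 9

function Get-RollingUpgradeState {
    # Pure decision logic, so it can be exercised without a cluster.
    param(
        [Parameter(Mandatory)] [object[]] $Nodes,   # objects with Name, State, MajorVersion
        [Parameter(Mandatory)] [int] $FunctionalLevel,
        [datetime] $MixedModeSince,                 # recorded by the operator; optional
        [int] $MaxMixedDays = 30                    # the deck's "one month" limit
    )
    $old  = @($Nodes | Where-Object { $_.MajorVersion -lt 10 })
    $new  = @($Nodes | Where-Object { $_.MajorVersion -ge 10 })
    $down = @($Nodes | Where-Object { "$($_.State)" -ne 'Up' })

    if     ($FunctionalLevel -ge $script:LevelNew) { $phase = 'Completed' }
    elseif ($new.Count -eq 0)                      { $phase = 'NotStarted' }
    elseif ($old.Count -gt 0)                      { $phase = 'MixedOS' }
    else                                           { $phase = 'AllNodesUpgraded' }

    $blockers = @()
    if ($phase -eq 'NotStarted') { $blockers += 'no node has been re-provisioned yet' }
    if ($phase -eq 'MixedOS')    { $blockers += "still on the old OS: $($old.Name -join ', ')" }
    if ($down.Count -gt 0)       { $blockers += "not Up: $($down.Name -join ', ')" }

    # Mixed OS mode is a transition state: flag it when it has lasted too long.
    $overdue = $false
    if ($PSBoundParameters.ContainsKey('MixedModeSince') -and $phase -ne 'Completed') {
        $overdue = ((Get-Date) - $MixedModeSince).TotalDays -gt $MaxMixedDays
    }

    [pscustomobject]@{
        Phase            = $phase
        CanRaiseLevel    = ($phase -eq 'AllNodesUpgraded' -and $down.Count -eq 0)
        MixedModeOverdue = $overdue
        Blockers         = $blockers
    }
}

function Get-LiveRollingUpgradeState {
    # Reads the same inputs from a real cluster (FailoverClusters module).
    param([Parameter(Mandatory)] [string] $Cluster)
    $c = Get-Cluster -Name $Cluster
    Get-RollingUpgradeState -Nodes (Get-ClusterNode -Cluster $Cluster) `
                            -FunctionalLevel $c.ClusterFunctionalLevel
}

function Start-NodeReprovision {
    # Pages 24-25: pause/drain the node, then evict it. Supports -WhatIf.
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $Cluster,
        [Parameter(Mandatory)] [string] $Node
    )
    if ($PSCmdlet.ShouldProcess($Node, 'Drain and evict from cluster')) {
        Suspend-ClusterNode -Cluster $Cluster -Name $Node -Drain -Wait
        Remove-ClusterNode  -Cluster $Cluster -Name $Node -Force
    }
    # Pages 26-28, after the new OS is installed:
    #   Add-ClusterNode -Cluster $Cluster -Name $Node
    # then migrate workloads back and validate before the next node.
}

function Complete-RollingUpgrade {
    # Page 31: raise the functional level only when every node is upgraded
    # and Up, because 2012 R2 nodes can no longer be added afterwards.
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)] [string] $Cluster)
    $s = Get-LiveRollingUpgradeState -Cluster $Cluster
    if (-not $s.CanRaiseLevel) {
        throw "Refusing to raise functional level: $($s.Blockers -join '; ')"
    }
    if ($PSCmdlet.ShouldProcess($Cluster, 'Update-ClusterFunctionalLevel')) {
        Update-ClusterFunctionalLevel -Cluster $Cluster -Force
    }
}

# Constructed sample (not from a real cluster): one of four nodes re-provisioned,
# mixed mode entered 40 days ago.
$sample = @(
    [pscustomobject]@{ Name = 'N1'; State = 'Up'; MajorVersion = 10 }
    [pscustomobject]@{ Name = 'N2'; State = 'Up'; MajorVersion = 6 }
    [pscustomobject]@{ Name = 'N3'; State = 'Up'; MajorVersion = 6 }
    [pscustomobject]@{ Name = 'N4'; State = 'Paused'; MajorVersion = 6 }
)
Get-RollingUpgradeState -Nodes $sample -FunctionalLevel 8 `
                        -MixedModeSince (Get-Date).AddDays(-40)
```

Run `Start-NodeReprovision` and `Complete-RollingUpgrade` with `-WhatIf` first to see what would change without touching the cluster.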

Page 34:

Demo: Rolling Cluster Upgrades

Page 35:

How can I empower next-gen apps/services for my app owners?

What’s on your mind today?

How can I protect my datacenter assets from emerging threats?

How can I deliver on what my mission-critical apps need?

Page 36:

How can I empower next-gen apps/services for my app owners?

How can I deliver on what my mission-critical apps need?

How can I protect my datacenter assets from emerging threats?

Protect your infrastructure from emerging threats

Hardware-rooted security for zero-trust environments

• Host Guardian Service
• Guarded Hosts
• Shielded VM
• Virtual secure mode

Page 37:

Need to maintain stewardship of corporate assets in the midst of emerging threats

• Cybercrime costs US economy up to $140 billion annually, report says (Los Angeles Times [2014])
• How hackers allegedly stole “unlimited” amounts of cash from banks in just a few hours (Ars Technica [2014])
• The biggest cyberthreat to companies could come from the inside (Cnet [2015])
• Cyberattacks on the rise against US corporations (New York Times [2014])
• Espionage malware infects rafts of governments, industries around the world (Ars Technica [2014])
• Forget carjacking, soon it will be carhacking (The Sydney Morning Herald [2014])
• Malware burrows deep into computer BIOS to escape AV (The Register [September 2014])

[Callout legend: 1 Increasing incidents; 2 Bigger motivations; 3 Bigger risk]

Page 38:

Challenges in protecting high-value assets

• Any seized or infected host administrators can access guest virtual machines
• Impossible to identify legitimate hosts without a hardware-based verification
• Tenant VMs are exposed to storage and network attacks while unencrypted

[Diagram labels: Fabric; Hypervisor; Storage; Host OS; Customer; Guest VM; Legitimate host?]

Page 39:

Confidently protect sensitive customer data: Designed for ‘zero-trust’ environments

• Host Guardian Service: Enabler to run Shielded Virtual Machines on a legitimate host in the fabric
• Shielded VM: BitLocker enabled VM
• Virtual Secure Mode: Process and Memory access protection from the host

• Any seized or infected host administrators can access guest virtual machines
• Impossible to identify legitimate hosts without a hardware-based verification
• Tenant VMs are exposed to storage and network attacks while unencrypted

• Hardware-rooted technologies to separate the guest operating system from host administrators
• Guarded fabric to identify legitimate hosts and certify them to run shielded tenant Generation 2 VMs
• Virtualized trusted platform module (vTPM) support to encrypt virtual machines

[Diagram labels: Host Guardian Service; Fabric; Hypervisor; Storage; Host OS; Customer; Guest VM; Trust the host; Hyper-V]

Page 40:

Shielded VMs

Spotlight capabilities

• Shielded Virtual Machines can only run in fabrics that are designated as owners of that virtual machine
• Shielded Virtual Machines will need to be encrypted (by BitLocker or other means) in order to ensure that only the designated owners can run this virtual machine
• You can convert a running Generation 2 virtual machine into a Shielded Virtual Machine

[Diagram labels: Host Guardian Service; Storage; HOST without TPM (generic host); HOST with TPM; Virtual hard disk (×3); Shielded Virtual Machines (×3)]

Page 41:

What’s on your mind today?

How can I empower next-gen apps/ services for my app owners?

How can I protect my datacenter assets from emerging threats?

How can I deliver on what my mission-critical apps need?

Page 42:

How can I empower next-gen apps/services for my app owners?

How can I protect my datacenter assets from emerging threats?

How can I deliver on what my mission-critical apps need?

Deploy next-gen application platform designed for distributed cloud applications

• Compute Infrastructure spectrum
• Azure Resource Model
• Docker/Linux integration with Windows Server and Azure
• Windows Server & Hyper-V Containers
• Nano Server (cloud infrastructure OS and container OS)

Page 43:

Compute infrastructure spectrum: Flexibility with control across on-premises and Azure

Microsoft Azure; Microsoft Azure Stack [on-premises | service provider]

Containers, Virtual Machines, Azure Service Fabric

Page 44:

What’s new in Azure IaaS: Azure Resource Manager

Consistent service delivery across Azure and on-premises datacenters

Declarative, infrastructure-agnostic approach for application deployment

• Infrastructure-as-code
• Management and deployment of infrastructure elements: VMs, storage accounts, NICs, LBs, virtual networks, and more
• Resource Group templates for ‘one-click’ deployments
• Supports RBAC and tagging

[Diagram labels: Gallery; Azure Resource Manager; Microsoft Azure; On-premises; Consistency; Describe, Deploy, Control]

Page 45:

How can I empower next-gen apps/services for my app owners?

How can I deliver on what my mission-critical apps need?

How can I protect my datacenter assets from emerging threats?

Microsoft Azure Stack: Application Consistency

Future Proof Your Development Investments

Page 46:

How can I empower next-gen apps/services for my app owners?

How can I deliver on what my mission-critical apps need?

How can I protect my datacenter assets from emerging threats?

Cloud Application: Write Once

Application Running in Azure in Microsoft Datacenters…

Page 48:

How can I empower next-gen apps/services for my app owners?

How can I deliver on what my mission-critical apps need?

How can I protect my datacenter assets from emerging threats?

Cloud Application: Write Once

Same Application Running on Azure Stack in Your Datacenter…

Page 50:

Containers.

The tension between developers and IT

How do you empower developers to create innovative applications at a competitive rate without disrupting IT’s ability to manage servers and maintain control?

Developers
• Developers need to create applications at a competitive rate without worrying about IT
• New applications run smoothly on developers’ machines, but malfunction on traditional IT servers
• Developer productivity and application innovation become suspended

IT
• IT needs to manage servers and maintain compliance with little disruption
• IT is unsure how to integrate unfamiliar applications and requires help from developers
• IT is unable to focus on server protection and application compliance

Page 51:

What is a container?

Traditional virtual machines = Hardware virtualization

Containers = Operating system virtualization

[Diagram labels: VM (×5); Hardware; CONTAINER (×5); Kernel; Application; OS; Hardware; Processes; Kernel; OS]

Page 52:

Demo: Windows Server Containers

Page 53:

And one more “little” thing: Nano Server

• A new headless, 64-bit only, deployment option for Windows Server
• Deep refactoring focused on
  • CloudOS infrastructure
  • Born-in-the-cloud applications

[Diagram labels: Nano Server; Server Core; Server with a Desktop Exp]

Page 54:

Container operating system environments

Server Core: Highly compatible; Traditional applications

Nano Server: Highly optimized; Born-in-the-cloud applications

Page 55:

And there is more…

What’s new in Windows Server 2016: https://technet.microsoft.com/library/dn765472.aspx

What’s new in System Center 2016: https://technet.microsoft.com/en-us/library/mt445442.aspx

Azure in your Datacenter: http://www.microsoft.com/en-us/server-cloud/products/azure-in-your-datacenter/

Page 56:

Summary

Where are we in Datacenter Evolution?
• Virtualization is mature. It’s about cloud.

Cloud: concerns vs. opportunities
• Concerns: Security, Shadow IT => lack of control
• Opportunities: Agility. Scale. Access. Disaster Recovery. Data Analytics, Machine Learning

Learn how to take back control from Shadow IT
• Assurance with Host Guardian Service and Shielded VMs
• Next-gen application platform with Open Source support, Containers and Nano Server

Page 57:

© 2014 Microsoft Corporation. All rights reserved.