provisioning it at the speed of need with microsoft...
TRANSCRIPT
Provisioning IT at the Speed of
Need with Microsoft Azure Presented by Mark Gordon and Larry Kuhn
Hashtag: #HAND5
August 20, 2014
Thank you for being here today
Presenters:
Mark Gordon Cloud Architect Aptera - [email protected]
Larry Kuhn Account Technology Strategist Microsoft - [email protected] @lkuhn65
• Part 1 • Overview of Azure • Set up your Azure Subscription • Introduction to the Portal • Tour of PaaS Services
• Azure Website • Media Services
• Break Between Sessions – 1 hour • Part 2
• Tour of IaaS Services • Storage Accounts • Cloud Services • Virtual Networks
• Create VMs
Agenda
The Hands On Lab activities are spread across 2 sessions.
Part 1 is a prerequisite for Part 2.
Cloud Computing Patterns
On and Off On & off workloads (e.g. batch job) Over provisioned capacity is wasted Time to market can be cumbersome
Unpredictable Bursting Unexpected/unplanned peak in demand Sudden spike impacts performance Can’t over provision for extreme cases
Growing Fast Successful services needs to grow/scale Keeping up w/ growth is big IT challenge Cannot provision hardware fast enough
Predictable Bursting Services with micro seasonality trends Peaks due to periodic increased demand IT complexity and wasted capacity
Cloud Computing Responsibilities
Your On-Premises
World
Office 365 Dynamics CRM
Online
Microsoft Azure covers IaaS and
PaaS
Microsoft Azure
Local currencies
Global datacenters
Global CDN
Global support
₩ ¥
€ руб
$
$ £
$
Rp
TL
chf
kr kr
$ R $
$
Local account teams
200+ Cloud Services 1+ billion customers · 20+ million businesses · 90+ markets worldwide
2.4+ million emails per day
5.8+ billion worldwide queries
each month
250+ million active users
10+ trillion objects in Microsoft Azure
storage
1 in 4 Enterprise customers
50+ billion Minutes of
connections handled each day
48+ million users in 41 markets
50+ million
active users
400+ million
Today, we manage 200+ global services, running 24x7
•Over 10 billion messages a day via Skype
• 600 million unique users monthly on MSN
• 1 Petabyte+ of updates served monthly Windows Update
• 5M+ Lync conference minutes per year
• 200 billion+ authentications through Microsoft Azure AD
•Over 4 billion+ authentications through Microsoft Azure AD per week
Datacenter Infrastructure Compliance
ISO / IEC 27001:2005 certification
SOC 1 Type 2 (SSAE 16 / ISAE 3402) attestation
SOC 2 Type 2 and SOC 3 (AT 101) attestations
HIPAA / HITECH Act
PCI Data Security Standard validation
FISMA & FedRAMP authorization
Various state, federal, and international privacy laws (95/46/EC—aka EU Data Protection Directive; California SB1386; etc.)
Microsoft Azure Trust Center
http://azure.microsoft.com/en-us/support/trust-center/
Set up your Azure Subscription
If you have an MSDN subscription we can help you activate your Azure Benefit now.
If you do not haven MSDN subscription we will provide you with a Promo Code for a free trial.
http://azure.microsoft.com/en-us/pricing/member-offers/msdn-benefits/
http://azure.microsoft.com/en-us/pricing/free-trial/
Reason: There’s less admin and management work to do
Benefit: Organizations spend less supporting applications
Reason: There’s less work for developers to do
Benefit: Applications can go from idea to availability more quickly
Reason: The platform does more, leaving fewer opportunities for error
Benefit: Creating and running applications gets more reliable
Lab 2 Web Sites
1. Create new web site from Gallery
2. Choose WordPress
3. URL – Must be unique
4. New MySQL Database
5. WebScaleGroup – Create new web hosting plan
6. Region - East US
7. Deployment Settings – For this lab you can leave the defaults
Comprehensive identity and access management cloud solution.
Directory services
Advanced identity governance
Application access management
Rich standards-based platform for developers
What is Azure Active Directory?
Azure Active Directory Premium
Directory in the cloud
Extend on-premises directories
(Sync + Federation)
Azure AD Sync Multi-Forest
Support
SSO to 2000+ SaaS apps+ LoB
and on-prem applications
Enterprise SLA of 99.9 percent
Centrally managed identities and access
Group-based user assignment
and provisioning to SaaS Apps
Company branding
Monitor and protect access to applications
Multi-factor
authentication
Advanced Security
reporting
Application usage reports
Empower users
Self-Service security settings
management
Self-service password reset
Delegated group
management
Lab 3
Active Directory
Select your Directory
Add User – Manage Multi-Factor – Enable for new user
Add user as administrator for subscription
Copy User Name - Copy Password – Send Password
Login at manage.windowsazure.com using in private session
• Part 1 • Overview of Azure • Set up your Azure Subscription • Introduction to the Portal • Tour of PaaS Services
• Break Between Sessions – 1 hour • Part 2
• Tour of IaaS Services • Storage Accounts • Cloud Services • Virtual Networks
• Create VMs
Agenda
The Hands On Lab activities are spread across 2 sessions.
Part 1 is a prerequisite for Part 2.
Affinity Groups Groups services in the same data center cluster.
Affinity groups are the way to group the services in your Microsoft Azure subscription that need to work together in order to achieve optimal performance. When you create an affinity group, it lets Microsoft Azure know to keep all of the services that belong to your affinity group running at the same data center cluster. For example, if you want to keep the services running your data and your code together, you would specify the same affinity group for those services. That way, when you deploy those services, Microsoft Azure will locate them in a data center as close to each other as possible. This reduces latency and increases performance, while potentially lowering costs.
VM Size CPU Cores Memory # Data
Disks Cost / hr
Extra Small Shared 768 MB 1 $0.013
Small 1 1.75 GB 2 $0.08
Medium 2 3.5 GB 4 $0.16
Large 4 7 GB 8 $0.32
Extra Large 8 14 GB 16 $0.64
A6 4 28 8 $1.02
A7 8 56GB 16 $2.04
Instance-to-instance communication TCP, UDP and ICMP, dynamic ports
UDP Traffic Supported Load-balanced incoming traffic and allows outbound traffic
Resolves VMs by name within the same cloud service Machine names are modeled explicitly and registered in the DNS service
For advanced connectivity scenarios such as Active Directory
Easily compose services by connecting public endpoints
Cloud on your WAN • Avoids risks from exposure to Internet
• Avoids complexity and added costs
• Provides lower latency, higher bandwidth and greater availability
Azure
WAN
Customer DC
Customer site 1
Customer site 2
IPsec VPN over Internet • Greater networking costs and latency since data is funneled
through a customer data center
• Data travels over the open Internet to connect to cloud
• Bandwidth is limited
Azure
WAN
Customer DC
Customer site 1
Customer site 2
Public internet