windows azure through the eyes of an it pro
DESCRIPTION
TRANSCRIPT
Windows Azure through the eyes of an IT Pro(and how to cope with Devs and Business stakeholders)
Mike MARTIN, ArchitectCrosspoint Solutions
Me.About();Member of:
Mike Martin Architect MEET Member Crew Member of Azug Windows Azure Insider Windows Azure MVP @Techmike2KX [email protected] http://techmike2kx.wordpress.com
3
Trying DevOps from the IT Pro view
IT roles and challenges
Introduction to the Cloud for the IT Pro
Hybrid ScenariosBuilding and deploying a Windows Azure Cloud ServiceManaging identity with the Access Control Service
What do IT pros do today? Install server hardware Configure the network Install the OS
Update, update, update…….. Manage storage and backup Apply security Manage certificates Deploy applications Monitor application/OS health and performance Match the business requirements by scaling to demand and
being agile
6
TIME
IT C
AP
AC
ITY
Actual Load
Allocated IT-capacities
Too Much Power
Not Enough Power
Load Forecast
Managing demand
Don’t forget you are also paying for unnecessary software licencing while you are over capacity*
Potential business
loss
Wasted capacity
Demand burst
Time
IT demand
Concert ticket web site
Ticket sales openTicket sales open
Compute capacity
CLMs
8
Public Cloud computing On demand compute and storage capacity Internet based Pay for what you use
Delivered as a service Don’t expect to be able to change what’s delivered It’s early days, expect things to change Read the SLAs
If they don’t give you what you need, look to another vendor
Windows Azure
Windows Azure Services
Windows Azure management
Portal APIs
Blobs, tables, queues
Building blocks for distributed services Access control Network connectivity
Connect on-premise and Cloud applications
Caching
Windows Admin Server Tools
On-premise managementOn-premise development
Visual Studio, Azure SDK etc
compute databasestorage
Cloud services
Web sites
Virtual machin
es
11
Setting the boundaries
Take control of your Windows Azure production environment
• Windows Azure is an extension of your IT environment As IT Pros, you need to monitor, debug,
scale, backup Doing all the good things you do today
• The anomaly is that developers have the potential to access compute and storage without asking you! Fine for development but not for production
12
Ready to go…
Start by creating a subscription Check for introductory offers MSDN subscriptions include Windows Azure service
www.windowsazure.com
MSDN Subscribers: you’ve got it, now use it
Redeem your benefit today!http://bit.ly/140uB31
*No purchase necessary. Open to eligible Visual Studio Professional, Premium or Ultimate with MSDN subscribers as of June 1, 2013. Ends 11:59 p.m. PT on September 30, 2013. For full official rules including odds, eligibility and prize restrictions see website. Sponsor: Microsoft Corporation. Aston Martin is a trademark owned and licensed by Aston Martin Lagonda Limited.
Develop & Test on cloud VMs at no additional cost!Activate your MSDN Benefit & try it by 9/30You could win* an Aston Martin V8 Vantage!
What if … EA
Great for large usage Offer granularity in departmens or tenants
ea.windowsazure.com
Managing Windows Azure subscriptions
Single view of multiple Windows Azure subscriptions
App controller
Private key stored in app controller database
Windows Azure service API
Windows Azure production
Windows Azure staging
API authentication
Public Key
Granular delegation of access to subscriptions
DemoDev - Test management
Granularity
Worker Role 1
Windows Azure Cloud Services
instance #0
RequestDatabas
eResponseBrowser
Communications viaQueues and Tables
instance #1
instance #2
instance #3
instance #1
instance #3L
B
instance #0
Scale upand down
Web Role 1
Web & Worker roles Applications are specifically developed for Windows Azure Web roles, Worker roles and storage
Windows Azure applications can be run in a development environment You cannot deploy and run them on-premise
Pay per role instance Two instances required for 99.95% SLA
Add and remove instances based on demand Load balancing is automatically configured
Choose your instance sizeCompute Instance Size CPU Memory
Extra Small Shared 768 MB
Small 1 1.75 GB
Medium 2 3.5 GB
Large 4 7 GB
Extra Large 8 14 GB
A6 4 28 GB
A7 8 56 GB
Each instance is deployed in its own VM You can use RDP to access the VM
Cost is based on deployed instance sizes Charged even if the instance is not running
Remember the SLA requires at least two instances per role
Storage Local storage can be allocated on an instance bases All Web and Worker roles are stateless so local storage should only be
used for caching
Persistent storage is managed through BLOBs
NTFS VHD drive can be stored in blobs and attached to instances Tables Queues SQL Azure
Storage access Blobs, tables and queues are accessible via URLs Accessible via Representational State Transfer (REST) APIs
Uses HTTP methods : POST, GET, PUT and DELETE Requests are signed with the storage key
All Windows Azure storage can be accessed from anywhere
Store, backup, recover your data
Your Data Center
Simple and fast on-ramp to AzureActive data instantly available locallyArchives less used data to Windows AzureRecover data from any internet connectionReduce enterprise storage TCO by 60-80%
Physical or Virtual Servers StorSimple
SQL Server Management Studio
Reliable off-site data backup
for SQL imagesEasily restore databases using VMs
Benefits
Store, backup, recover
Direct URL backup to Azure Storage
Restore in Azure Virtual Machine
Microsoft SQL ServerBackup and restore database to the cloud
Backup datacenter data to Windows using System Center Data Protection ManagerBackup and recover files/folders from Windows Server 2012 SP1
Windows Azure Backup
Store, backup, recover your data
BenefitsReliable offsite data protectionSimple, familiar, integratedEfficient backup and recoveryEasy set up
Windows Server 2012Windows Server 2012 EssentialsWindows Server 2008 R2 (SP1)
System Center 2012 DPM SP1
Your On-Premises Datacenter
Demo Storage
Windows Azure Virtual Machines Persistent VM roles
Yes, VMs as we know and love them Bring your own or use Microsoft provided
You update and maintain them
Possible to host: Active Directory, SharePoint 2010, SQL Server and more…
99.9% SLA on single-instance Connect to on-premise using
Windows Azure Virtual Network
Windows Azure Virtual Network
On-Premise to Windows Azure routable VPN Supports IPv4 routing Bring your own IP addresses
Windows AzurePersistent VMs
IT Admin
Developers
Your Datacenter
VMs in test/dev environment
Develop, test, run your apps
Provision VMs
Use VMs
Limited hardware budgetLimited software licensingResource contention with VMsCompromised developer agilityRealistic scale tests often challenging
Test and development on-premises
Developers
IT Admin
Develop, test, run your apps
Cost effective (pay for what you use)Improved developer agility with platform servicesReady to use gallery of imagesShip tested in realistic scale scenariosUse existing development tools & languagesAccess on-premise resources if necessary
Test and development using Windows Azure
Manage environment
Use VMs
Provision VMs
Your Datacenter,or Your Hoster
Develop, test, run your appsStart VMs and app development in Azure
Easy VM portabilityIf it runs on Hyper-V, it runs in Windows Azure
Production environment
Deploy anywhere with no lock-in
DemoVirtual Machines
Worker Role 1
Deploying Cloud Services
instance #0
RequestDatabas
eResponseBrowser
Communications viaQueues and Tables
instance #1
instance #2
instance #3
instance #1
instance #3L
B
instance #0
Scale upand down
Web Role 1
The developer builds the application
Configuration data values can be updated on the live system
The binaries and definition (csdef) file are zipped intoservice package file
Update & Fault Domains
Windows Azure distributes instances across multiple Update Domains to support in-place upgrades One domain is updated at a time
Supports application and Windows Azure OS updates Service remains running with reduced capacity
Similar concept used to support Windows Azure datacentre hardware failures Instances are distributed across multiple fault domains
A single failure will allow service to remain running
Worker Role Inst #0
Web Role Inst #0
Update Domain 0
Worker Role Inst #1
Web Role Inst #1
Update Domain 1
Worker Role Inst #2
Update Domain 2
Staging and production
A service can be deployed to staging, tested and “moved” to production by swapping the VIP
A service upgrade can be deployed to staging and then swapped to the production environment During the swap the current production environment is “moved” to staging
Production
Staging
Production URL
Staging URL
LB
LB
http://<guid>.cloudapp.net
http://<name>.cloudapp.net
Demo
Deploying and running applications
Demand burst with Windows Azure
Time
IT Demand
Concert ticket website
Ticket sales open
Ticket sales open
On-demand compute capacityand software lisencing
Compute Capacity
Scale prior todemand
Track demand – ensure success
Time
IT capacity
Forecast demandAvailableRequired
Managing Identity in the Cloud
• Application On-premise Partner
organization Somewhere!!!
User
• User On-premise Partner
organization Somewhere!!! • User’s Identity
On-premise Partner
organization 3rd Party Identity
provider
Name: FredPassword: *****Age: 107Country: Japan
Federation joins it all together
Windows Azure Active Directory Windows Azure AD includes the Access Control Service
(ACS) Provides a method for applications and services to authenticate and authorize users
ACS brokers authentication with popular identity providers Live ID Google Yahoo Facebook http://socialsts.net/
Relying parties can be applications or AD FS
Gathering data
Windows Azure StorageBlobs & Tables
Diagnosticmonitoring
Windows data sourcesEvent logs
IIS logsFailed request log
Performance counters
Role instance
Role
Local storage
On premise analysis
46
• System Center 2012 puts you in the driving seat
• App Controller• Deploy and
manage services/roles and instance counts
• Operations Manager• Monitoring
health and performance
Demo
Monitoring and diagnostics
What do IT pros do with Windows Azure? Install server hardware Configure the network Install the OS
Update, update, update…….. Manage storage and backup Apply security Manage certificates Deploy VMs and applications Monitor application/OS health and performance Match the business requirements by scaling to demand and
being agile
- for cloud / on-premise connectivity
New ways of supporting your enterprise and
new opportunities
- Manage image libraries and deploy
51
Azure Cloud offers you the opportunity to be the expert at bringing scalability and agility to your company’s applications and services
References / Things I mentioned The Windows Azure Storage Level 666 session
by Yves Goeleven 10 tools of the trade for your #windowsazure environment on my blog
System Center Advisor
52
53
Thank you