Azure Using Cloud Principles

Herman Keijzer

PTShermank@microsoft.com

FocusAzure V2

(ARM)

Cloud principles• Freedom of choice• Marketplaces• Cloud Inspired

Infrastructure• Multi Vendor• Hybrid• Hyper scale• Self-service• Build in and on top of

Security• Build in Compliancy• Automation

• Continuous Change• Shared• Software defined• Scalable• Pay per Use• Build to fail• Multi Vendor• Lock in Reduction• Open- and closed

source• Build in Security

Saving cost

S M T W T F S

Capacity Needed (Max + 20%)

J F M A M J J A S O N D

Capacity Needed (Max + 20%)

tCom

pute

InactivityPeriod

On and Off Growing Fast Unpredictable Bursting Predictable Bursting 24x7 Steady

Save 20-30%

Save 60-80%

On and Off (30%)

Growing Fast (15%)

Unpredictable Bursting(25%)

Predictable Bursting(20%)

24x7 Steady(10%)

Your Application Portfolio – What Does it Look Like..?

server demandserver demand

resources required

resources required

public cloudprivate cloud

IAAS usage private vs public

Putting cloud principles into practice

Dynamic scaling

Growing Fast Unpredictable Bursting Predictable Bursting

IAAS-> using VM scale setsPAAS-> scale up / scale out in App servicesPAAS->SQL elastic pool

• Auto-Scalable

• Fast

• Customizable • Windows or Linux• VM extensions• Open PaaS platform

• Ease of Management• Focus on target

instance count• Updateable

VM Scale Sets in ARM

Resource Group

Subnet

Scalable Storage

VM

VNET

Scalable NIC…V

MVM

VM

Scale Set

Extensions

Manage groups of identical VMsVirtual machine scale sets are an Azure Compute resource you can use to deploy and manage a set of identical VMs. With all VMs configured the same, VM scale sets are designed to support true auto-scale – no pre-provisioning of VMs is required – and as such makes it easier to build large-scale services targeting big compute, big data, and containerized workloads

VM scale sets• For custom images you can only have a single storage

account and are hence limited to 20 VMs in a scale set (or 40 if you set the overprovision property to "false". This will be increased in the future.

• Maximum number of platform image VMs in a scale set is 100. This will be increased in the future

Sample;https://github.com/Azure/azure-quickstart-templateshttps://github.com/gbowerman/azure-myriad

https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-overviewhttps://azure.microsoft.com/nl-nl/documentation/articles/virtual-machine-scale-sets-deploy-app/

Azure appservices

SQL elastic pool

https://docs.microsoft.com/nl-nl/azure/sql-database/sql-database-elastic-pool

Turning vms on/off

tCom

pute

InactivityPeriod

On and Off

Turning vm’s off- Auto shutdown new in Azure- Automated using azure automation- On demand

Impact on cost

744= 31 (days) X 24 (hour)

496= 31 (days) X 16 (hour)

saving€ 309,52Per month

Pricing calculator 9 jan 2017

Auto-shutdown

On demand turn on/off via powershelllogin-azurermaccount

Get-AzureRmSubscription | sort SubscriptionName

$subscrName=“subscription name"

Select-AzureRmSubscription -SubscriptionName $subscrName

$ResourceGroup = "TP5"

$VMs = Find-AzureRmResource -ResourceGroupNameContains $ResourceGroup

Foreach ($VM in $VMs)

{

$VMStatus = Get-AzureRmVM -ResourceGroupName $ResourceGroup -Name $vm.Name -Status | `

    select -ExpandProperty Statuses | ?{ $_.Code -match "PowerState" } | select -ExpandProperty displaystatus

 

       if($VMStatus -eq "VM Running")

           {

 

              Write-Output "status of" $vm.Name "is" """$VMStatus"""

              Stop-AzureRmVM -ResourceGroupName $ResourceGroup -Name $vm.Name -Force

           }

           else

           {

              Write-Output "status of" $vm.Name "is" """$VMStatus"""

           }

 }

Azure automation

scheduler

Powershell scriptStop/start VM

Samples in azure

automation runbook gallery

https://azure.microsoft.com/en-us/blog/introducing-the-azure-automation-runbook-gallery/https://gallery.technet.microsoft.com/scriptcenter/site/search?f%5B0%5D.Type=RootCategory&f%5B0%5D.Value=WindowsAzure&f%5B1%5D.Type=SubCategory&f%5B1%5D.Value=WindowsAzure_automation&f%5B1%5D.Text=Automation

Using azure automation

Change size

Change size vm via portal

caveatsMultiple Nics per VM

The VM size determines the number of NICS that you can create for a VM!Configure only via Powershell, CLI or Template !

caveats Number of disks attached to a VM

https://azure.microsoft.com/nl-nl/documentation/articles/virtual-machines-linux-sizes/

automation

Azure Resource Manager

Benefits• Desired-state deployment

• Faster deployment

• Role-based access control (RBAC)

• Resource-provider model

• Orchestration

• Resource configuration

SQL - A Website VirtualMachines

SQL-AWebsite[SQL CONFIG] VM (2x)

DEPENDS ON SQLDEPENDS ON SQL

SQLCONFIG

Cache

Consistent Management Layer

Azure Resource Manager

Website VM SQL DB

Resource Provider

…..

Provider Contract

https://management.azure.com/subscriptions/{{subscriptionId}}/providers?api-version={{apiVersion}}

Tools

?

REST API

Resource Manager: Building a VMResource Group

Subnet

Storage

VM

VNET

Public IP storageAccount- accountType

publicIPAddress- allocationMethod- domainNameLab

el

virtualNetwork- addressSpace- Subnet

- addressPrefix

networkInterface- privateIPAllocati

onMethod

virtualMachine- hardwareProfile- osProfile- storageProfile- networkProfile

NIC

Github

https://github.com/Azure/azure-quickstart-templates

• ARM Quick Start Templates• https://azure.Microsoft.com/en-us/documentation/templates• https://github.com/Azure/azure-quick-start-templates

• ARM Schemas• https://github.com/Azure/azure-resource-manager-schemas/tree/master/schemas

• ARM Best Practices• https://azure.microsoft.com/en-us/documentation/articles/best-practices-resource-manager-

design-templates/• https://docs.microsoft.com/nl-nl/azure/best-practices-resource-manager-state

• ARM Visualizer• http://armviz.io

• VS Code Extensions• https://github.com/Azure/azure-xplat-arm-tooling

• Getting Stated guide• http://download.microsoft.com/download/E/A/4/EA4017B5-F2ED-449A-897E-BD92E42479CE/

Getting_Started_With_Azure_Resource_Manager_white_paper_EN_US.pdf

ARM Resources

Azure automation

More info

Learning pathhttps://azure.microsoft.com/nl-nl/documentation/learning-paths/automation/

Automation Bloghttps://azure.microsoft.com/nl-nl/blog/tag/azure-automation/

https://azure.microsoft.com/en-us/documentation/articles/automation-first-runbook-graphical/

Virtual Machine Extensions• Inject code and configuration into

VM’s

• Configuration• PowerShell, DSC, Chef, Puppet

• Management• Anti-virus, Backup, Patching, …

• Security• Disk encryption, …

VM Agent

Runtime & Extension API

Backup Extension

Monitoring Extension

VM Code & Configuration

https://azure.microsoft.com/en-gb/documentation/articles/virtual-machines-windows-extensions-features/

Freedom off choice

Microsoft Azure is an Open Cloud

Dozens of .NET & PHP CMS and Web applications

Bring your own

Via HTMl/JS, cross-platform and native

Ecosystem Provided

Languages, Dev Tools & App Containers

CMS & Apps

Devices

Databases

Management

MS Integrated

Operating

systems

UbuntuSUSE, OpenSUSE,

OpenLogic CentOS-based

Oracle Linux, CoreOS

Bringyour own

libcloudjclouds

DocDBDataStax

marketplace

https://azure.microsoft.com/en-us/marketplace/?source=datamarket

Infrastructure Services

Software for the entire cloud platform

Datacenter Infrastructure (24 Regions, 22 Online)

Compute Storage Networking

Platform Services

Security & Management

Web and Mobile

Media & CDN

Analytics & IoTIntegration

HybridOperations

Data

Compute Developer Services

Products

Virtual machine images

Multi-VM solutions Machine Learning services

Data services APIs

https://azure.microsoft.com/en-us/documentation/articles/marketplace-publishing-getting-started/

Build to fail

Azure availability setFault DomainsRepresent groups of resources anticipated to fail together i.e. Same rack, same serverFabric spreads instances across min 2 fault domains

Update DomainsGroups of resources that will be updated togetherHost OS updates honour service update domainsSpecified in service definitionDefault of 5 (up to 20)

Availability SetsVMs in separate Fault DomainsSLA 99.95 | HW SW | Windows & Linux

Redeploy

Build in security

Apps and DataSaaS

Microsoft protecting you

Malware Protection Center Cyber Hunting Teams Security Response

Center

Active Protection Service

SmartScreenOffice 365 Advanced

Threat Protection

WindowsUpdate

DeviceInfrastructure

CERTs

PaaS IaaS

Identity

INTELLIGENT SECURITY GRAPH

Cloud App Security

Rights Management

Key Vault

ConditionalAccess

Security Center

Event Management

Cyber DefenseOperations Center

Advanced Threat

Analytics

Digital Crimes Unit

Antivirus Network

Industry Partners

https://blogs.msdn.microsoft.com/azuresecurity/2015/09/29/secure-the-cloud-with-azure-security-center/https://azure.microsoft.com/en-us/services/security-center/

The Azure Security Center is your one-stop-shop for security in the Azure environment. It is a single dashboard that provides visibility into the security status of your Azure resources and control of those resources. It helps you protect your Azure environment, detect attacks, and respond to them

Cloud principles• Freedom of choice• Marketplaces• Cloud Inspired

Infrastructure• Multi Vendor• Hybrid• Hyper scale• Self-service• Build in and on top of

Security• Build in Compliancy• Automation

• Continuous Change• Shared• Software defined• Scalable• Pay per Use• Build to fail• Multi Vendor• Lock in Reduction• Open- and closed

source• Build in Security

appendix

High availability checklist• Use Traffic Manager

Avoid single VMsUse load balancers in front of web-facing VMsPut your stateless servers in Availability SetsUse VMSS for your stateless server scalingUse Premium Storage for your production VMsUse internal load balancers (or queues) between tiersDistribute your databaseUse cachesContact support before a high scale eventStore static assets in Blob StorageUse a CDN in front of your static assets

aaa

aaa

aa

aaaa