Hybrid Cloud for the Smart Factory · 2018-03-22 · new development...
TRANSCRIPT
Hybrid Cloud Approaches for the Smart Factory
SR. PFE 신제영
Changes in how manufacturing does business: people, services, IoT
Supply R&D Production Marketing Sales Services
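Digital transformation means innovation and revenue
Industrial manufacturers reported an average revenue growth rate of 28.5% over their prior baseline when adopting IoT.
Greatly improved business responsiveness
40% of industrial manufacturers use digital technology to monitor the products sold to their customers.
Customer experience matters most
89% of leaders believe customer experience will be the main basis of competition.
Business leaders are evolving.
Manufacturing is evolving rapidly.
The recent trend among manufacturers is customer-centric, delivering products as a service.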
Physical Digital
Digital Transformation
Smart products
Service ecosystems
Connected consumers
Production assets
Raw materials and products
Preventive maintenance
R&D Marketing
Supply
R&D
Production
Marketing
Sales
Services
Industry 4.0
Industry 1.0
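Steam, water, mechanical production equipment
Industry 2.0
Mass production based on division of labor, and electrically driven power
Industry 3.0
Electronics and IT for production automation
Industry 4.0
Cyber-physical systems (Cyber physical production Systems)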
18th Century 20th Century 21st Century Today
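Technologies needed for the Smart Factory…
Social Media / Collaborative
Social media is driving new ways of collaborating inside and outside the organization.
Analytics & Big Data
Analytics and big data make it possible to gain real-time insight from vast amounts of data.
Sensors & Actor Network
Self-steering sensor and actor networks control mechanical activity.
Data Velocity
Real-time decision making based on data velocity analysis
Cloud
The cloud provides new levels of scalability, flexibility and responsiveness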
OPTIMIZED DATA CENTER
Well Managed
Infrastructure & Applications
CLOUD
Service Oriented
Cloud transition
To Modernizing Workloads
Silo-ed Efficiency
Legacy Application Cost Reduction
Legacy / Silo Application
New Requirements
Additional Functionality Innovate
New Functionality Scalability
Cloud Native Application Cloud Capability
Silo-ed Architectures
App 1
Expansion
Expansion
Expansion
App 2
Expansion
Expansion
App 3
Expansion
Managing Services
On Premises
Legacy
App 1
Silo-ed Architectures
On Premises
Private Cloud
Leveraged Infrastructure
App 2
Leveraged Infrastructure
Off Premises
IaaS - SaaS - PaaS
Services
Service Oriented
App 3
Identity
Application
Data
OS
Virtualization
HW
Storage
Network
Unix Linux
Mainframe Windows
Consuming compute storage network
App
Resource
silo #1
App
Resource
silo #2
App
Resource
silo #3
Customer
Service Provider
Microsoft
Consistent Platform
ONE
A UNIFIED CLOUD STRATEGY
Unified cloud strategy
Compute/storage/network Compute/storage/network
• Flexible development
• Unified management
• Unified authentication
• Unified virtualization
• Extension of a complete data platform
Microsoft Cloud Services
Old IT New IT Workload
* Not meant to be a comprehensive list of all services, for a complete list please visit azure.microsoft.com
APP SERVICES
NETWORKING & AUTOMATION SERVICES
COMPUTE SERVICES DATA SERVICES
Hybrid Cloud….
On Premises Private Cloud
Automation
Health Monitoring
Site-to-Site VPN
Point-to-Site VPN
Express Route
Azure
Web Site
web roles
worker roles
Virtual Machines
Azure Mobile Services
TFS or VS Online + GIT
Azure AD
Multi-Factor Auth
Azure Cache
Access Control
BizTalk Services
Media Services
Service Bus
Notification Hub
Scheduler
SAN
Storage Spaces/SMB
Server Group #1 Server Group #2
VIRTUALIZATION
COMPUTE, STORAGE & NETWORKING
Physical Infrastructure (Servers/Storage/Networking)
DEVICES & FACILITIES
NETWORKING, COMPUTE, STORAGE, APP SERVICES,
AUTOMATION, DISASTER RECOVERY, DEV, TEST, UAT, etc.
… as a SERVICE
StorSimple
Cloud Integrated Storage
Azure Site Recovery
StorSimple Virtual Appliance
Backup Service
Gallery
OS images
VHD VHD
data disk
MySQL database
SQL Database
SQL Data Sync
HDInsight (Hadoop)
storage queue
storage blob
storage table
Virtual network
Automation
CDN
Availability Set
Azure load balancer
Auto-scale
Traffic Manager
APPLICATIONS & SERVICES
Provisioning
Monitoring
Automation & Self Service
Application Insight
IT Service Management
PATH TO A HYBRID CLOUD
Network Virtualization
Storage Consolidation
Server Virtualization
(Hyper-V, VMware, XEN)
Scalability & Bursting
Cloud Sourcing (Azure, AWS, etc)
Access & Information Protection
Management & Automation
High Availability
Role Based Administration
DEFINE THE FABRIC
Self Service Catalogue
Service Management
Chargeback / Show-back
Automation
MANAGE CONSUMPTION
Service Dependencies
Application Insight
Security & Protect
Availability & Recovery
Dynamic Optimization
Capacity Planning
Dashboards
Multi-Cloud Support (Physical, Virtual, Private, Hybrid, Public)
OPERATE & MONITOR
Application Specification (Physical / Virtual / IaaS / PaaS or Hybrid)
Service library
Deployment Services
SERVICE ARCHITECTURE
Business Needs
Interconnections & Dependencies
Delivery Channels, Screens
Resiliency, Scalability & Archival
Security & Compliance
Operational Model
DEFINE THE SERVICES
Hybrid Cloud selection criteria
DEFINE THE SERVICE
Selection criteria by application service
Platform
Application
Applications
Data
OS
Access / Security
Front End
Capability
Servers
Storage
Networking
Facilities
Platform / Architecture
On Premises
Legacy
App 1
Silo-ed Architectures
On Premises
Private Cloud
Leveraged Infrastructure
App 2
Leveraged Infrastructure
Off Premises
IaaS - SaaS - PaaS
Service Oriented
App 3
Current Application Catalogue
AdHoc Managed Service Oriented
Monolithic
Data Silos
Monolithic OS
Multiple ID’s
Multiple
Distributed
Data Integration
Data Warehouse
Distributed Processing
Consolidation
Web
Dynamic
Integration & Scaling
Big Data
Enterprise Content Management
Resource Pooling
Metering + Aggregation
Federation
Consolidation / Integration
Segregated Platforms
Segregated Storage
MB/GB
0.9999
Availability
Server Farms
Clustering
Storage Management
Virtualization
Load Balancing
Colocation
Resource Pooling
Massive Storage Scaling
Commoditization
Network Virtualization
Container
Evolving to Modular
Platform Silos Virtualization
On Premise Private Cloud
Public Cloud (IaaS, SaaS, PaaS)
Roadmap for Cloud Adoption
Use Cloud Patterns
COMPLEXITY/RISK Less More
More REWARD/BENEFIT Less
Cloud strategy approach
SaaS PaaS IaaS
SaaS
SaaS
PaaS IaaS
PaaS IaaS
New Development
(Leveraging all cloud paradigms – 6 Cells)
Hybrid Cloud
(IaaS Lift and Shift; IaaS and PaaS New Deployments)
SaaS
(Business Architecture Led)
CLOUD STRATEGY
IaaS
PaaS
IaaS
VMs
HW
CONNECTIVITY
(Cross Discipline Team)
Infrastructure
• Office 365
• SharePoint Online
• Exchange Online
• OneDrive Pro
Line of Business
• Dynamics CRM
• 3rd Party Solutions
• Yammer, Skype
Engineering & Operations
Enabling
• MDM - Intune
• DevOps - TFS
DEFINE THE FABRIC
Storage Consolidation
o Offloaded Data Transfer (ODX)
o Storage Spaces
o Thin-Provisioning
o Deduplication
o Tiering
Server Virtualization
o High Performance & Share Nothing Live Migration
o System Center Multi Hypervisor support (Hyper-V, VMware, XEN)
o BitLocker Encryption
o Up to 64TB Virtual Hard Disk (VHDX) Size
Network Virtualization
o Software Defined Networking
o Virtual IP Address Management
o Datacenter Bridging
o Improved Network Performance
o Continuous Availability
Access & Information Protection
o Windows Server & Azure Active Directory
o Active Directory Federation Services
Management
o PowerShell Automation, >3000 cmdlets
o Desired Configuration
o Windows Management Framework: WS-Management, REST, HTTP, PSRP
High Availability
o Hyper-V Replica
o Windows Azure Hyper-V Recovery Manager
2016
Microsoft Azure Stack
MICROSOFT AZURE
App services
Data services
Infrastructure services
Integration HPC Analytics Web sites Mobile services
Caching Identity Service bus Media Cloud services
SQL database HDInsight Table
Blob storage
Virtual machines
Virtual network VPN
Traffic manager CDN
App services
Data services
Infrastructure services
Web sitesMobile services
API Apps
Logic Apps
Service Fabric
Blob Storage
Queues Storage
Table Storage
Virtual machines
Virtual network VPN
Load Balancer
With System Center
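Microsoft Azure & Azure Stack
A flexible, open cloud platform that lets you quickly build, deploy and manage applications across a global network managed by Microsoft. You can build applications using any language, tool or framework. You can also integrate public cloud applications with your existing IT environment.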
Customer Environment
Application Tier
Logic Tier
Database Tier
Isolated Virtual Network
INTERNET
Cloud Access & Firewall Layer
THREAT DETECTION: DoS/IDS Layer
DOS/IDS Layer
DOS/IDS Layer
DOS/IDS Layer
Clients /
End Users
Microsoft Azure
443
443
Azure
Storage
SQL
Database
Azure Platform
• Logical isolation for customer environments and data
• Centralized management via SMAPI or the Azure Portal
• No internet access by default
• Intrusion detection and DoS prevention measures
• Customer can deploy additional DoS/IDS measures within their virtual networks
• Penetration testing
ExpressRoute
Peer
Private fiber connections to access compute, storage and more using ExpressRoute
Azure Security and Compliance
Secure development, operations, and threat mitigation practices provide a trusted foundation
VPN
Remote Workers
Computers Behind Firewalls
Enables connection from customer sites and remote workers to Azure Virtual Networks using Site-to-Site and Point-to-Site VPNs
Azure manages compliance with:
• ISO 27001
• SOC1 / SOC2
• HIPAA BAA
• DPA / EU-MC
• UK G-Cloud / IL2
• PCI DSS
• FedRAMP
Azure’s certification process is ongoing with annual updates and increasing breadth of coverage.
Azure provides a number of options for encryption and data protection.
Customer
Service Provider
Microsoft
Consistent Platform
ONE
A UNIFIED
CLOUD STRATEGY
Hybrid Cloud Services
On-premises Cloud
Service Provider
Azure
HYBRID CLOUD SAMPLE ARCHITECTURES
Smart Factory Cloud Architecture
Public Cloud Hybrid Model Private Cloud
Data Transfer
Security
Azure
Cloud
Field Gateway: Raspberry Pi 2 with Win10 IoT Core
Vending Machine #1 - An Arduino Uno board with temp, vibration & light sensors
Vending Machine #2 - Same setup
Vending Machine #3 - Same setup
Business Users, Service Technician, Operations Mgr.
Internet
Internet
Local N/W
Bluetooth
Bluetooth
2.4 GHz RF
Overall system view
Microsoft IoT Suite Services
Cloud
Stream Analytics
API Link
Event Hubs
Data Factory
Azure Machine Learning
Power BI
Excel
Field Data
Microsoft
Azure Portal
Blob Storage
Predictive Maintenance
Vending Machine Control Unit
Event Hub & Azure Service Bus
Stream Analytics
Event Processing
Azure Storage
Azure IoT Hub
1 Telemetry data streamed from Vending (location, temperature, vibrations, voltage...)
2 Data ingested by the Event/IoT Hubs on Azure, Streamed analysis for complex events
3 Telemetry data collected in Azure storage
4 Data Flow in Machine Learning Usage Model
5 Alert sent to the User through Device Application
6 Output Presented through mobile and onboard Device