private cloud computing using windows azure
TRANSCRIPT
-
8/7/2019 Private cloud Computing using Windows Azure
1/7
Private cloud Computing using
Windows Azure
Virtualization offers many benefits; its the technological change in our industry that underpins the
Cloud Computing wave. With Virtualization, you can reduce the number of physical servers you own
and maintain, reduce energy costs, even implement high availability solutions you thought beyond
your budgets. Then you look at Windows Azure, and you see the ability to provision application
instances from a web portal. Scale up and down as demand requires and only pay for what you
consume. The thought then maybe crosses your mind that the Windows Azure model would be great
to offer inside your organization on your own infrastructure. Do you have to choose one or the other
or can you provide IT as a Service internally like Windows Azure?
The answer is yes, and that is not because of the Windows Azure Appliance announcement.
Appliance aside, you can offer IT as a Service using Windows Server and System Center today. So how
do you do that?
What do I need?
For a Private Cloud or Customer Cloud, whichever name you prefer, to have an effective IT as a
Service offering requires some key elements to be in-place.
y First you need a management tool that allows you to monitor the servers providing thevirtualization services. The tool should also allow you to easily move services around the
machines, and ideally provide you with guidance on what actions to take should resource
become over utilized.
y Secondly, you need a tool that allows for the Business units in your organization to be self-sufficient in requesting and managing their services, while at the same time provide you with
a method to calculate charge-back costs.
Windows Server 2008 R2 out-of-the-box does not provide all of these. It does have a number of
management features you will need, but for the complete solution you need to add:-
y System Center Virtual Machine Manager 2008 R2 (SCVMM)y System Center Virtual Machine Manager Self Service Portal 2.0 (SSP)
These two System Center products provide the management, monitoring and self-service capabilities
needed to run an IT as a Service operation.
What do they do?
SCVMM provides the core management functionality. Allowing you to go beyond the Hyper-V
management console in R2, you can group your servers into host groups and monitor more than one
-
8/7/2019 Private cloud Computing using Windows Azure
2/7
host at a time. Intelligent placement built into SCVMM helps you make the best decisions about
where virtual machines (VMs) should go. SCVMM also provides a library service where you hold
template images, ISO images and scripts that can be easily deployed to meet different requirements.
Finally Performance Resource Optimization (PRO) provides you with the ability to monitor and
correct problems for VMs. PRO allows the administrator to set up information that can be displayed
when certain thresholds are reached. These Tips, can, for example, have a messaging saying Add
another Web Server to Order Tracking Web Farm.
SSP provides the self-service functionality. At a high level, once enabled and configured by the IT
Administrator, SSP allows registered Business Units to manage their own administrative team to
request resources, start or stop VMs and be entirely self-sufficient in managing their resources. At
the back end, the IT Administrator can set charge back costs for both reserved resources and
allocated resources.
Armed with these products we can build our Private Cloud. To test this out, all three products can be
downloaded from microsoft.com under the evaluation program. You can use your TechNet
subscription to access the full-version software and based these posts on my testing. The software
required to build this test is available in all the subscriptions models.
Where to Start?
There are requirements for the installation to work. First, there are additional roles and features that
need to be installed on Windows Server 2008 R2. These are primarily driven by SCVMM. So to install
SCVMM, Windows Server must have:
y Hyper-V. The SCVMM Setup Wizard automatically adds this role, which will work as long asthe machine being used supports virtualization.
y Windows Remote Management (WinRM). For SCVMM setup to work, the service must beinstalled and in a state other than disabled and stopped.
y Internet Information Services (IIS) 7.0. You must add the Web Server (IIS) role and then installthe following server role services:
o IIS 6 Metabase Compatibilityo IIS 6 WMI Compatibilityo Static Contento Default Documento Directory Browsingo HTTP Errorso ASP.NETo .NET Extensibilityo ISAPI Extensionso ISAPI Filterso Request Filtering
In addition to these, the SSP also requires some additional features be installed:
y Microsoft Message Queuing (MSMQ).y Windows PowerShell 2.0. This requirement supersedes version 1.0 that SCVMM requires.
-
8/7/2019 Private cloud Computing using Windows Azure
3/7
y Microsoft .NET Framework 3.5 SP1. R2 contains 3.5.1, so if this is installed then you have metthis requirement.
The final requirement for both SCVMM and SSP is a database. When installed alone, SCVMM can use
the SQL Express edition, which it will install automatically if you do not provide it with an alternative.
However, SSP requires either Standard or Enterprise editions of SQL Server 2008 or higher.
The other requirement for the solutions is Active Directory. Both SCVMM and SSP work best in a
domain environment.
Source: http://blogs.technet.com/b/alanlemarquand/archive/2010/09/22/creating-a-private-cloud-
part-1-setup.aspx
-
8/7/2019 Private cloud Computing using Windows Azure
4/7
Windows Identity FoundationWindows Identity Foundation (WIF) is the latest addition to the foundational technologies in
the .NET Framework. It enables .NET developers to offload the identity logic from their
application, providing a solid development model based on separation of concerns. Non-
experts can easily secure their applications without being exposed to the underlying
complexity of cryptography and protocols, leveraging Visual Studio integration features such
as point-and-click wizards which result in applications protected using open, interoperablestandards such as WS-Federation and WS-Trust.
Despite the easy to use programming model, which unifies ASP.NET web applications and
(Windows Communication Foundation) WCF SOAP services under a single object model,
Windows Identity Foundation has a full range of security of features offered by WS-Security,
the SAML token format and many other enterprise-grade industry standards.
When using Windows Identity Foundation the mechanics of authentication are provided by
external services, using platform-independent protocols. The application receives information
about authenticated users in forms of claims, which can be used for simple or traditional role-
base access control (RBAC) to sophisticated access control policies.
Because open standards are used, the authentication can take place regardless of where theuser accounts are maintained or where the application is hosted: as a result, single sign on
(SSO) across on-premises and Windows Azure hosted resources is easily achieved.
Although the authentication services can be provided from any platform complying with the
open protocols used by Windows Identity Foundation, the best way to leverage existing
investments in the Windows infrastructure is to outsource authentication to Active Directory
Federation Services 2.0.
-
8/7/2019 Private cloud Computing using Windows Azure
5/7
1. Private CloudThere has been a lot of recent excitement around the potential benefits enterprise IT can derive by
implementing a private cloud (or internal cloud) within their firewall. To better understand this
aspiration, lets look at some characteristics of Microsofts cloud services (e.g. Windows Azure) that
we operate out of our datacenters:
y Standardization Homogeneous infrastructures with vertical integration across server, network,storage and OS. This is achieved by implementing a shared pool of virtualized hardware pools
with centralized administrative control over apps/workload additions.
y Service Focused Its all about delivering the application or service that the business demandsand not the component services (e.g. infrastructure).
y Automation - Significant levels of automation, based on cloud principled philosophies likeresiliency, scalability and elasticity.
y Lights out Operations Scale through the app design and abstraction from infrastructure.y Utilization based chargebackWe believe there is an opportunity to bring in some of these characteristics and best practices to the
enterprise datacenter and enable it with cloud like capabilities. Towards that, were investing in
the following software enabled models:
1. Standardized, Virtualized Hardware Model - Standardize Datacenter infrastructure acrosscompute (server), network, and storage through Virtualization. By standardizing, infrastructure
resources can be pooled and consumed by any of your apps and services. While Virtualization is a
key enabler to hardware abstraction, it alone will not solve the virtualized silos problem we
are referring to truly centralized IT resource sharing across business units.
2. Virtualized, Abstracted Application Model-Most Datacenters have lots of apps and these werewritten for existing infrastructure. Application virtualization is a key technology enabler thathelps abstract the application model from the underlying infrastructure. This creates application
scale up/scale down flexibility by giving control over how services consume the pooled
infrastructure. In addition, the application layer becomes distinct from the infrastructure layer
thereby greatly simplifying management.
3. Service Centric Operational ModelAbility to compose, deployand manage services exactly theway cloud apps are developed and deployed today. Need to have virtualized app/workload and
infrastructure images that can be rapidly composed followed by one click deployment. End-to-
end Service management e.g. provisioning, monitoring, patching, configuration management,
backups/restores - is accomplished with integrated automation and orchestration between
various tasks and IT processes.
Finally, IT organizations will need to ensure their infrastructure management teams have a common
view of the services (e.g. via software based service models, standardized service catalogs etc.) they
offer their businesses while still retaining control of the resources they own and manage.
2. Evolving Your Datacenters To Derive Cloud Like Benefits Today
-
8/7/2019 Private cloud Computing using Windows Azure
6/7
Microsoft customers can begin their journey to the private cloud today by deploying the Microsoft
products and technologies they know and trust. We have recently made Opalis and Service Manager
available as part of System Center to help customers build deeper orchestration and IT process
automation for their private cloud environments. As mentioned in earlier sections, Microsoft is fully
committed to deliver richer private cloud capabilities mentioned above as part of the Windows
Server and System Center roadmaps.
Presently, Microsoft is enabling customers build the foundation for a private cloud infrastructure
using the Windows Server and System Center family of products with the Dynamic Datacenter Toolkit
(availability currently scheduled for June 2010). This will allow you to further leverage your existing
investments in the Microsoft infrastructure platform while maturing your IT capabilities to consume
advanced cloud capabilities in the future.
The Dynamic Datacenter Toolkit is a free, partner-extensible solution that will enable datacenters to
dynamically pool, allocate, and manage resources to enable Infrastructure as a Service. Whether
youre an enterprise customer, a systems integrator, or an independent software vendor, the toolkit
will help you create agile, virtualized IT infrastructures and enable business agility, reduced
management complexity and operational efficiencies.Some key Dynamic Datacenter Toolkit capabilities:
y Automation and Guidance - To assess, plan and design your private cloud foundationinfrastructure
y Customer/business unit on-boarding - Automated workflows to onboard LOBs to your virtualizedshared resource pool
y Dynamic provisioning engine To rapidly provision virtualized infrastructure in conjunction withSystem Center and Hyper-V
y Self-Service portal To empower consumers of IT request infrastructure for their apps/servicesOur Systems Integration partners can also offer you guidance on deploying your private cloud
infrastructure using the Dynamic Datacenter Toolkit.
-
8/7/2019 Private cloud Computing using Windows Azure
7/7