the spring release of windows azure infrastructure as a service introduces new functionality that...
TRANSCRIPT
Windows AzureIntroducing Virtual Machines (IaaS)Mario SzpusztaPlatform Strategy Advisor, EMEA Windows Azure IncubationMicrosoft Corporation
Infrastructure as a Service
The spring release of Windows Azure
Infrastructure as a Service introduces
new functionality that allows full
control and management of virtual
machines along with an extensive
virtual networking offering.
If deploying an application requires a developer’s involvement, it’s not IaaS
Cloud Models On Premises
Storage
Servers
Networking
O/S
Middleware
Virtualization
Data
Applications
Runtime
You m
anag
e
Infrastructure(as a Service)
Storage
Servers
Networking
O/S
Middleware
Virtualization
Data
Applications
Runtime
Manag
ed
by M
icroso
ft
You m
anag
e
Platform(as a Service)
Manag
ed
by M
icroso
ft
You m
anag
e
Storage
Servers
Networking
O/S
Middleware
Virtualization
Applications
Runtime
Data
Software(as a Service)
Manag
ed
by M
icroso
ft
Storage
Servers
Networking
O/S
Middleware
Virtualization
Applications
Runtime
Data
PaaS SaaSPhysical Virtual IaaS
A Continuous Offering From Private to
Public Cloud
Windows Azure Virtual Machines
Support for key server applications and workloadsEasy storage manageabilityHigh availability featuresAdvanced networkingIntegration with compute PaaSEasy Application Migration
If it requires development, it’s not IaaS
Images Available at Preview
OpenSUSE 12.1CentOS 6.2 Ubuntu 12.04SUSE Linux Enterprise Server SP2
Windows Server 2008 R2
Windows Server 2008 R2 with• SQL Server 2012
Evaluation
Windows Server 8 RC
WindowsLinux
Virtual Machine vs VM RoleVM Role Virtual Machine
Storage Non-Persistent Storage Persistent StorageEasily add additional storage
Deployment Build VHD offsite and upload to storage.
Build VHD directly in the cloud or build the VHD offsite and upload
Networking Internal and Input Endpoints configured through service model.
Internal Endpoints are open by default.Access control with firewall on guest OS. Input endpoints controlled through portal, service model or API/Script.
Primary Use Deploying applications with long or complex installation requirements into stateless PaaS applications
Applications that require persistent storage to easily run in Windows Azure.
Persistent Disks and Highly Durable
Windows Azure Storage
Windows Azure Storage (Disaster Recovery)
Virtual Machine
Persistent Disks and Highly Durable
Windows Azure Storage
Windows Azure Storage (Disaster Recovery)
Virtual Machine
Virtual Machine
Disks and ImagesOS Images
• Microsoft• Partner • User
Disks
• OS Disks • Data Disks
Base OS image for new Virtual MachinesSys-Prepped/Generalized/Read Only Created by uploading or by capture
Writable Disks for Virtual MachinesCreated during VM creation or during upload of existing VHDs.
Cross-premise Connectivity
IP-level connectivity
Data SynchronizationSQL Azure Data Sync
Application-layer Connectivity &
Messaging Service Bus
Secure Machine-to-Machine Network
ConnectivityWindows Azure Connect
Secure Site-to-Site Network Connectivity
Windows Azure Virtual Network
CLOUD ENTERPRISE
Corpnet
Windows Azure Virtual Network
Your “virtual” branch office / datacenter in the cloudEnables customers to extend their Enterprise Networks into Windows AzureNetworking on-ramp for migrating existing apps and services to Windows AzureEnables “hybrid” apps that span cloud and their premises
A protected private virtual network in the cloudEnables customers to setup secure private IPv4 networks fully contained within Windows AzureIP address persistenceInter-service DIP-to-DIP communication
Subnet 2
Subnet 1
Windows Azure Virtual Network ScenariosHybrid Public/Private CloudEnterprise app in Windows Azure requiring connectivity to on-premise resources
Enterprise Identity and Access ControlManage identity and access control with on-premise resources (on-premises Active Directory)
Monitoring and ManagementRemote monitoring and trouble-shooting of resources running in Windows Azure
Advanced Connectivity RequirementsCloud deployments requiring persistent IP addresses and direct connectivity across services
Bringing Workloads to the Cloud
On Premises
Production
S2S VPN Device
IIS Servers
AD / DNS
SQL Farm
Exchange
S2S VPN tunnels SharePoint
PaaS Roles
File ServersLocal AD SQL VMs
PaaS SaaSPhysical Virtual IaaS
IaaS and PaaS – Better Together
Why Mix Models?
What Value does this Provide? Unblocks Development or Migration of new applications that have dependencies on resources that require virtual machines such as Active Directory, MongoDB, MySQL, SharePoint, SQL Server, COM+, MSMQ etc…
Migration On-Ramp for Existing ApplicationsAdministrators can quickly take advantage of Windows Azure by migrating an existing application as-is using virtual machines. If desired, connecting different application models such as websites or web and worker roles provides the capability to take advantage of PaaS roles alongside IaaS roles.
Cloud Service
Windows Azure Service Model Example cloud service configuration with a single web role and a single worker role
VM1 VM2
VM5 VM6
VM9
VM3 VM4
VM7 VM8
VMn
VM1 VM2
VM5
VM3 VM4
VMn
Cloud Service 2
Mixing Virtual Machines and Stateless RolesMultiple cloud services with stateless and virtual machines
Cloud Service 1
VM1 VM2
VM5 VM6
VMn
VM1 VM1
VM1 VM2
VM5 VM6
VMn
Connecting Cloud Services via VIPs
StrengthsSimplicityTenant AutonomyVIP Swap (stateless roles)Easy Local Dev/TestPersistent Service is Easily Accessible (even from other services!)
SQL Data Access Traffic
Through Public
Endpoint
WeaknessesHigher LatencyLess SecureManagement/Deployment Overhead
WA Web Role
Cloud Service 1
Cloud Service 2
SQL Server
Load Balancer
80
2001-1433
Secure Endpoints with Windows Server Firewall
Load Balancer
Deployment Steps (VIP Connectivity)
Deploy Virtual Machine(s)
Use RDP to customize the new virtual machine(s) by installing software, configuring roles etc.
Build and test locally using the emulator. Testing live can be achieved by using public endpoints.
Specify instance count and other configuration details. Deploy to a separate hosted service.
Configure public endpoints to virtual machine services. ACL with firewall as appropriate.
Connecting Cloud Services with VNET
StrengthsMore SecureLow LatencyCloud App AutonomyVIP Swap (stateless roles)Advanced Connectivity Requirements
WeaknessesVNET ComplexityNo iDNS – use BYOD
Direct Access
via VNET
FrontEndSubnet
(10.0.0.0/16)
SQLSubnet (10.1.0.0/1
6)
Load Balancer
80
WA Web Role
Cloud Service1
Cloud Service 2
AD
SQL Mirror
AD
Subnet(10.2.0.0/
16)
ContosoVNet (10.0.0.0/8)
Direct Access
via VNET
FrontEndSubnet
(10.0.0.0/16)
SQLSubnet (10.1.0.0/1
6)
Load Balancer
80
WA Web Role
AD
VNET Connected – Local Testing
Manage Multiple Connection Strings via Multiple Configurations
Developer Fabric
ContosoVNet (10.0.0.0/8) MyAffinityGroup
SQL Mirror
AD Subnet
(10.2.0.0/16)
1433WA Developer
Fabric Developer
Cloud Service1
Cloud Service 2
VNET Connected with VPNContosoVNet (10.0.0.0/8) MyAffinityGroup
AD / DNS
VPN Tunnel
• Access on premises resources• Local Testing - allows direct connection
to Virtual Machines in the cloud
Direct Access
via VNET
FrontEndSubnet
(10.0.0.0/16)
SQLSubnet (10.1.0.0/1
6)
AD
Load Balancer
80
WA Web Role
SQL Mirror
On Premises
WA Developer Fabric Developer
Cloud Service 1
Cloud Service 2
VNET Connected Deployment Steps
Deploy Virtual Machine(s). If AD is desired deploy at this stage so remaining VMs can start domain joined.
Use RDP to customize the new persistent VM(s) by installing software, configuring roles etc…
Build and test locally using the emulator. Testing live can be achieved by using public endpoints or VPN connectivity.
Specify instance count, virtual network settings and other configuration details. Deploy to a separate hosted service.
If previously opened, close public endpoints to lock down service.
Define virtual networks and subnets for hosted services to reside in.
Mixed Mode – Shared Cloud ServiceStrengthsSimplicityConnectivityiDNS
WA Web Role
Virtual Machine
Load Balance
r
80
Cloud App
Available in Fall Release
WeaknessesLack of VIP Swap
VM to VM Performance
Category Latency (Round-Trip)
Comment Network Link Details
Inter-VM within a deployment (or deployment to deployment with VNET)
0.29 ms DIP to DIP
Traffic does not flow through the
LB
Inter-VM crossing a deployment (same region)
0.88 ms VIP to VIP
Traffic flows through the LB
Tiered MigrationsTake Advantage of PaaS Where You CanMany Applications could benefit from migrating to a mixed deployment. Migrating to web/worker roles or taking advantage of other Windows Azure services (storage, cache etc..)
Benefits of Web and Worker RolesSimplified Deployment and ConfigurationHealth ModelEasy High AvailabilityInstance ScalabilityOS PatchingAutomatic Firewall ConfigurationSimple Certificate DeploymentMany others
Horizontal Migration
Use Virtual Machines and VNET for Forklift Migration
Web Tier
App Tier
AD
Data Tier
Convert Web Apps to Web Roles (optional)
Web Role
Worker Roles
SQL Azure
Convert App Logic to Worker Roles (optional)Convert Data Tier to Azure SQL DB (optional)
Wrap UpConnecting IaaS and PaaSConnecting an application hosted in Windows Azure such as Web Sites or Web/Worker Roles with a Virtual Machine.
Unblocks Building Applications with DependenciesDependencies such as Active Directory, SharePoint, SQL Server, Linux, Mongo DB, COM+, MSMQ etc…
Migration On-Ramp for Existing ApplicationsMigrate application from on-premises take advantage of PaaS efficiencies without blockers on dependencies.
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a
commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.