Windows Azure Virtual Machine Introduction
Zvezdan Pavković
MDC316
Virtual Machines: PaaS vs IaaS
Storage
• PaaS: Non-Persistent Storage
• IaaS: Persistent Storage. Easily add additional storage.
Networking
• PaaS: Internal and Input Endpoints configured through service model.
• IaaS: Internal Endpoints are open by default. Access control with firewall on guest OS. Input endpoints controlled through portal, service model or API/Script.
Deployment
• PaaS: Stock VHDs.
• IaaS: Build VHD directly in the cloud or build the VHD offsite and upload.
Primary Use
• PaaS: Stateless scale-out applications.
• IaaS: Applications that require persistent storage to easily run in Windows Azure.
Windows Azure Virtual Machines
IT Pro experience
Support for key server applications
Easy storage manageability
High availability features
Advanced networking
Integration with compute PaaS
Azure Image Library (not the whole list)
Windows Server 2008 R2
Windows Server 2008 R2 with SQL Server 2012 Evaluation
Windows Server 2012
BizTalk Server 2013 Beta
OpenSUSE 12.1
CentOS 6.2
Ubuntu 12.04
SUSE Linux Enterprise Server 11 SP2
Supported Windows Server Applications
http://support.microsoft.com/kb/2721672
Linux on Windows Azure
We will support
• SUSE SLES 11 SP2
• OpenSUSE 12.1
• CentOS 6.2 by OpenLogic*
• Ubuntu 12.04
Specific versions are endorsed
• Integration Components
• Testing and validation by partners
• Bring other variants at your own risk**
*Image provided by OpenLogic based on CentOS 6.2
**Integration Work will be needed
Virtual Machine Images and Disks
Persistent Disk Management
• C:\ = OS Disk
• D:\ = Non-Persistent Cache Disk
• E:\, F:\, G:\ ... = Data Disks
Capability | OS Disk | Data Disk
Host Cache Default | ReadWrite | None
Max Capacity | 127 GB | 1 TB
Imaging Capable | Yes | No
Hot Update | Cache Setting Requires Reboot | Change Cache Without Reboot, Add/Remove without Reboot
Disk Caching
Disk Type | Default | Supported
OS Disk | ReadWrite | Read-only and ReadWrite
Data Disk | None | None, Read-only and ReadWrite
Modify using Set-AzureOSDisk or Set-AzureDataDisk
Persistent Disks and Highly Durable
Windows Azure Storage
Windows Azure Storage (Disaster Recovery)
Virtual Machine
Images and Disks
OS Images (Microsoft, Partner, User)
• Base OS image for new Virtual Machines
• Sys-Prepped/Generalized/Read Only
• Created by uploading or by capture
Disks (OS Disks, Data Disks)
• Writable Disks for Virtual Machines
• Created during VM creation or during upload of existing VHDs.
Image Mobility
[Diagram labels: On-Premises; Cloud; MyApp.vhd]
Bring Your Own Server/VHD
• On-Premises: On Premises Virtual Server, MyApp.vhd
• Cloud: Provision VM from Image or Disk using portal, script or API
Imaging VMs in the Cloud
• Identical/similar deployment instances using common OS image (Base.VHD) as start
• Capture VM Saves Customized Image to Your Image Library
Tips on BYO Generalized Images
• Sysprep and “Generalize” is expected
• Do NOT put unattend.xml on the disk
• Do NOT install the Windows Azure Integration Components!!
• No WA Agent
Virtual Machines and Cloud Services
Cloud Service is a…
• Management
• Configuration
• Security
• Networking
• Service Model
boundary
Cloud Services, Roles, and Instances
Roles and instances
• WEB ROLE: VM 1, VM 2, VM 3
• WORKER ROLE: VM 4, VM 5, VM…
Cloud Services with Virtual Machines
Multiple Virtual Machines can be hosted within the same cloud service
Virtual Machine Availability
Service Level Agreements
What’s included
• Compute Hardware failure (disk, cpu, memory)
• Datacenter failures - Network failure, power failure
• Hardware upgrades, Software maintenance – Host OS Updates
What is not included
• VM Container crashes, Guest OS Updates
99.95% for multiple role instances
4.38 hours of downtime per year
Availability set
Fault and Update Domains
Fault Domains
• Represent groups of resources anticipated to fail together
• i.e. Same rack, same server
• Fabric spreads instances across at least 2 fault domains
Update Domains
• Represent groups of resources that will be updated together
• Host OS updates honour service update domains
• Specified in service definition
• Default of 5 (up to 20)
Fabric spreads role instances across Update Domains and Fault Domains
[Diagram: Fault and Update Domains. Labels: two racks; Web Role instances; Worker Role instances; UD #1; UD #2]
Virtual Machine Availability Sets
Update Domains are honored by host OS updates
[Diagram labels: two racks; two availability sets; virtual machines IIS1, IIS2, SQL1, SQL2; SQL Server1, SQL Server2; UD #1; UD #2]
End to End Highly Available Solution
Redundancy at every level
[Diagram labels: Internet; LB; IIS Web Application / Web Role (two); SQL Mirroring; SQL-AVSET; IIS-AVSET]
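A small model of the fault domain and update domain rules from the availability slides above, added here as an example and not part of the original deck. The round-robin placement, the function names and the lone DC-DNS VM are assumptions made for the illustration; the set names and the defaults (5 update domains, 2 fault domains) come from the slides.

```python
def place(vms, update_domains=5, fault_domains=2):
    """Assumed placement: VM i goes to UD i % update_domains, FD i % fault_domains."""
    return {vm: (i % update_domains, i % fault_domains) for i, vm in enumerate(vms)}

def worst_case(vms, update_domains=5, fault_domains=2):
    """Fewest VMs still running while one update domain is down for a host OS
    update, and while one fault domain (rack) has failed."""
    placement = list(place(vms, update_domains, fault_domains).values())

    def survivors(axis):
        # Take each occupied domain down in turn and count the VMs elsewhere.
        return min(sum(1 for p in placement if p[axis] != down)
                   for down in {p[axis] for p in placement})

    return {"host_update": survivors(0), "rack_failure": survivors(1)}

def review(tiers, update_domains=5):
    """Return (per-tier worst case, tiers that can drop to zero running VMs)."""
    report = {name: worst_case(vms, update_domains) for name, vms in tiers.items()}
    at_risk = sorted(name for name, r in report.items() if min(r.values()) == 0)
    return report, at_risk

# Constructed sample: set names from the slides; DC-DNS is a lone VM with no set.
TIERS = {
    "IIS-AVSET": ["IIS1", "IIS2"],
    "SQL-AVSET": ["SQL1", "SQL2"],
    "DC-DNS": ["DC1"],
}

if __name__ == "__main__":
    report, at_risk = review(TIERS)
    for name, result in report.items():
        print(name, result)
    print("single points of failure:", at_risk)
```

A tier with one VM always reaches zero running instances during its host update, which is why the 99.95% figure on the SLA slide is stated for multiple instances.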
Windows Azure Networking
Virtual Machine Names and DNS
Full control over machine names
Windows Azure provided DNS
• Resolves VMs by name within the same cloud service
• Machine names are modeled explicitly and registered in the DNS service
Bring your own DNS server
• Use your on-premise DNS servers
• Deploy a DNS server in Windows Azure
• Use public DNS services
Protocols and Endpoints
Port Forwarded Endpoints
• Direct communication to multiple VMs in the same cloud service
Support for All IP-Based Protocols (VM to VM)
• Instance-to-instance communication
• TCP, UDP and ICMP, dynamic ports
UDP Traffic Supported in WA
• Load-balanced incoming traffic and allows outbound traffic
Custom Load Balancer Health Probes
• Health check with probe timeouts
• HTTP based probing, allowing granular control of health checks
Port Forwarding Input Endpoints
• Endpoint: Public Port, Local Port, Protocol (TCP/UDP), Name
• Single Public IP Per Cloud Service (Cloud App/Hosted Service)
Load Balanced Sets
• Endpoint Set: Public Port, Local Port, Protocol (TCP/UDP), Name
Load Balancer Custom Probes
• Load Balancer Probe: Set Name, Protocol (TCP), Probe Port, Probe Path (/healthcheck.aspx)
• Looks for HTTP 200
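A configuration check built on the endpoint fields listed on these slides (name, public port, local port, protocol, load-balanced set, probe path), added here as an example and not part of the original deck. The list of sensitive ports, the dictionary layout and the sample endpoints are assumptions made for the illustration.

```python
from collections import defaultdict

# Local ports treated as management/data services (assumed list for this example).
SENSITIVE = {22: "SSH", 1433: "SQL Server", 3389: "RDP", 5985: "WinRM", 5986: "WinRM"}

def lint_endpoints(endpoints):
    """Lint the input endpoints of ONE cloud service (one public IP).

    Each endpoint is a dict with the slide's fields (name, public_port,
    local_port, protocol) plus vm and optional lb_set / probe_path.
    """
    findings = []
    by_public = defaultdict(list)
    for ep in endpoints:
        by_public[(ep["protocol"].lower(), ep["public_port"])].append(ep)
        # Port forwarding changes the number, not the exposure: judge by local port.
        service = SENSITIVE.get(ep["local_port"])
        if service:
            findings.append(f"EXPOSED {ep['vm']}/{ep['name']}: {service} on public "
                            f"{ep['protocol']}/{ep['public_port']}")
    for (proto, port), group in sorted(by_public.items()):
        lb_sets = {ep.get("lb_set") for ep in group}
        vms = ",".join(sorted(ep["vm"] for ep in group))
        # A public port may be shared only by members of a single load-balanced set.
        if len(group) > 1 and (None in lb_sets or len(lb_sets) > 1):
            findings.append(f"CONFLICT {proto}/{port}: shared by {vms} outside one load-balanced set")
        # Without an HTTP probe path the balancer cannot see application health.
        unprobed = sorted(ep["vm"] for ep in group if ep.get("lb_set") and not ep.get("probe_path"))
        if unprobed:
            findings.append(f"NO-PROBE {proto}/{port}: {','.join(unprobed)} has no HTTP probe path")
    return findings

# Constructed sample: two IIS VMs and two SQL VMs in one cloud service.
SAMPLE = [
    {"vm": "IIS1", "name": "web", "public_port": 80, "local_port": 80, "protocol": "tcp",
     "lb_set": "web-lb", "probe_path": "/healthcheck.aspx"},
    {"vm": "IIS2", "name": "web", "public_port": 80, "local_port": 80, "protocol": "tcp",
     "lb_set": "web-lb"},
    {"vm": "SQL1", "name": "admin", "public_port": 50001, "local_port": 3389, "protocol": "tcp"},
    {"vm": "SQL2", "name": "diag", "public_port": 80, "local_port": 8080, "protocol": "tcp"},
]

if __name__ == "__main__":
    for line in lint_endpoints(SAMPLE):
        print(line)
```

Input endpoints are the only path from the Internet to a VM in this model, so a review of them pairs naturally with the guest OS firewall rules that govern the internal endpoints.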
DNS and Name Resolution
Windows Azure DNS Scenarios
A. Client-server applications using VMs
• VM: SQL Reporting Service
• VM: SQL Analysis Service
• VM: SQL Service
Use your own DNS Scenarios
B. Hybrid connectivity with on-premise (DNS on-premise)
[Diagram labels: On-Premises Machine (Active Directory); On-Premises Machine (Business Components & Entities); On-Premises Machine (UI Process Components); Web Tier; SQL Service; Active Directory; Domain joined to On-Premises Network]
Custom DNS Scenario
C. SharePoint with custom DNS (VM)
[Diagram labels: Internet; LB; VM Role (SharePoint FrontEnd, two); VM Role (Search and Index); VM Role (DC DNS); VM Role (SQL, two); SQL Service; SQL Mirroring; Local DNS; Open User Access (Website)]
Virtual Networks & Cross-premise connectivity
Cross-premise connectivity (CLOUD and ENTERPRISE)
• Data Synchronization: SQL Data Sync
• Application-Layer Connectivity & Messaging: Service Bus
• Secure Machine-to-Machine Connectivity: Windows Azure Connect
• Secure Site-to-Site Network Connectivity: Windows Azure Virtual Network
Does Your App Need a Virtual Network?
IP Address Requirements
• Virtual Machines deployed into a virtual network have an infinite DHCP lease
Hybrid On-Premises Cloud Apps
• Requirement for connectivity between your data center and the public cloud
Connectivity between cloud services
• Deploying Active Directory in the Cloud or connecting a PaaS to IaaS Service
Windows Azure Virtual Network
Your “virtual” branch office / datacenter in the cloud
• Enables customers to extend their Enterprise Networks into Windows Azure
• Networking on-ramp for migrating existing apps and services to Windows Azure
• Enables “hybrid” apps that span cloud/premises
A protected private virtual network in the cloud
• Enables customers to set up secure private IPv4 networks fully contained within Windows Azure
• IP address persistence
• Inter-service DIP-to-DIP communication
[Diagram labels: The Branch Office; The Corp. HQ; IIS Servers; AD / DNS; SQL Servers; Exchange; The “virtual” branch office; The Virtual Network in Windows Azure; S2S VPN Device; S2S VPN tunnel; BRK Gateway]
Virtual Network Summary
Customer-managed private virtual networks within Windows Azure
• “Bring your own IPv4 addresses”
• Control over placement of Windows Azure Roles within the network
• Stable IPv4 addresses for VMs
Hosted VPN Gateway enables site-to-site connectivity
• Automated provisioning & management
• Support existing on-premises VPN devices
Use on-premise DNS servers for name resolution
• Enables customers to use their on-premise DNS servers for name resolution
• Enables VMs running in Windows Azure to be joined to corporate domains running on-premise (use your on-premise Active Directory)
Related content
• ILL-AZR201 - Getting to Know Windows Azure IaaS, part 1
• ILL-AZR201 - Getting to Know Windows Azure IaaS, part 2
• DBI334 - Overview, Best Practices and Lessons Learned on Microsoft SQL Server in Windows Azure Virtual Machines
• ATC226 - Windows Azure Hybrid Architectures and Patterns
• MDC213 - Building Cloud Services with the Windows Azure Pack
Resources
• Developer Network, Resources for Developers: http://msdn.microsoft.com/en-au/
• Learning, Virtual Academy: http://www.microsoftvirtualacademy.com/
• TechNet, Resources for IT Professionals: http://technet.microsoft.com/en-au/
• Sessions on Demand: http://channel9.msdn.com/Events/TechEd/Australia/2013
© 2013 Microsoft Corporation. All rights reserved.