Take enterprise virtualization to the next level
Name
Area
Role
Agenda
• Where are we in Datacenter Evolution?
• Cloud: concerns vs. opportunities
• Learn how to take back control from Shadow IT
Looking back
• Windows Server 2008 R2, System Center 2007 R3: Introduced virtualization platform/management
• Windows Server 2012, System Center 2012: Industry-leading scale and performance
• Windows Server 2012 R2, System Center 2012 R2, Microsoft Azure: Azure as design point
A leader in Gartner magic quadrants
Microsoft only leader in all four magic quadrants
• x86 Server Virtualization [1]
• Public Cloud Storage Services [2]
• Cloud Infrastructure as a Service [3]
• Enterprise Application Platform as a Service [4]
[1] Gartner “x86 Server Virtualization Infrastructure,” by Thomas J. Bittman, Philip Dawson, Michael Warrilow, July 14, 2015; [2] Gartner “Public Cloud Storage Services,” by Raj Bala, Arun Chandrasekaran, June 25, 2015; [3] Gartner “Magic Quadrant for Cloud Infrastructure as a Service,” by Lydia Leong, Douglas Toombs, Bob Gill, May 18, 2015; [4] Gartner “Enterprise Application Platform as a Service,” by Yefim V. Natis, Massimo Pezzini, Ross Altman, Rob Dunie, Anne Thomas, Kimihiko Iijima, March 24, 2015.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
EVOLUTION OF DATACENTER
EFFICIENCY
CLOUD-FIRST
APPLICATIONS AND SERVICES
INFRASTRUCTURE
How much remains un-virtualized?
Why is the business using shadow IT?
Why is my CIO looking at agile alternatives?
Why is investment in apps growing so much faster than IT?
We want you to be at the center of application innovation
Opportunity to rethink your datacenter: Think services, not servers
Traditional datacenter
• Tight coupling between infrastructure and apps
• Expensive, vertically integrated hardware
• Silo-ed infrastructure and operations
• Highly customized processes and configurations
Cloud Model
• Loosely coupled apps and micro-services
• Industry-standard hardware
• Service-focused DevOps
• Standardized processes and configurations
Looking ahead
• Windows Server 2008 R2, System Center 2007 R3: Introduced virtualization platform/management
• Windows Server 2012, System Center 2012: Industry-leading scale and performance
• Windows Server 2012 R2, System Center 2012 R2, Microsoft Azure: Azure as design point
• Windows Server 2016, System Center 2016, Microsoft Azure: Cloud-first innovation: Infrastructure and application platform
Cloud-inspired infrastructure
Powered by Windows Server, Hyper-V, System Center, and Azure
Compute | Storage | Network
Platform Services
INNOVATION
Continuous Improvement Delivers Rapid Innovation Everywhere…
The Azure Platform Strategy
[Diagram. Labels: Microsoft Azure (Public, Global, Shared Datacenters; Public Cloud Platform; Azure Global Datacenters); Microsoft Azure Stack & Cloud Platform System (Your Datacenter Infrastructure); Platform Services; Infrastructure Services (Compute, Storage, Network); Security & Management; Hybrid Operations; Windows Server, Linux; SaaS (Software as a Service): O365, CRM, VSO etc… + 3rd Party SaaS Solutions]
What’s on your mind today?
How can I empower next-gen apps/services for my app owners?
How can I protect my datacenter assets from emerging threats?
How can I deliver on what my mission-critical apps need?
How can I deliver on what my mission-critical apps need?
Deploy enterprise-grade virtualization and IaaS platform
Highest levels of scale, performance, and reliability
• Rolling upgrades
• Storage QoS
• Guest clustering enhancements
• Best-in-class support for Linux
• Centralized management
Windows Server 2012 R2 Hyper-V
High performance live migration (compression/RDMA)
Zero downtime upgrades
Automatic VM Activation
Live VM export
App consistent guest backup
Enhanced VMConnect
Dynamic memory host balancing
First class Linux support – Dynamic memory, file system consistent host based backup
RemoteFX over WAN
Generation 2 Virtual Machines
Secure boot in a VM
User defined meta data for VHDX
PowerShell for all Hyper-V operations
Hyper-V Metrics
Shared nothing live migration
Hyper-V over SMB
Hyper-V over Spaces & ReFS
64 VP, 1 TB Monster VMs
SR-IOV for 10+GB networking
64TB VHDX
Hyper-V Replica
Network Virtualization
USB redirection over RemoteFX vGPU
Hot add/remove of storage
VHDX resiliency
Dynamic & differencing VHDX performance improvements
384 LP, 4TB physical system
2+ Million IOPS to a single VM
Resource Pools
NUMA in a VM
1024 running VMs on a host
High performance auto tiered storage spaces
Write back cache with spaces
Storage QoS
Shared VHDX for guest clustering
VHDX online resize
Storage deduplication with live VMs for VDI
Hyper-V Recovery Manager (Microsoft Azure Site recovery)
Azure Backup
Inbox multi-tenant site-to-site VPN gateway for physical & virtual networks
Protected VM Networks/Virtual RSS
Enhanced LBFO performance with NIC teaming
Hyper-V Extensible Switch
4K Sector support
Confidently virtualize anything: On-premises or Azure
Microsoft software-defined compute
Customers require: Quick time-to-value | Enterprise-grade reliability | Heterogeneous flexibility
Frictionless “cloud-cadence” infrastructure upgrades
• Rolling upgrades without downtime [no new hardware needed]
• Mixed-mode clusters
• Hot Add/Remove Memory & vNIC
• RDMA & PacketDirect (100Gb Ethernet…)
Best-in-class support for Linux on Hyper-V
• Broad distro support, including: RHEL, SLES, Ubuntu, CentOS
• Networking performance: hot add/remove vNIC & in-guest vRSS
Benchmark-setting scale, performance, and resilience
• Mission-critical scale: SQL, Exchange, SharePoint, SAP, Oracle
• High-performance: Live migration & Storage QoS
• Maximum availability: Guest clustering
Confidently virtualize anything: On-premises or Azure
Optimize workload availability and performance
Resilience to transient storage/network failures
Designed for cloud-scale environments, this helps preserve VM session state in the event of transient storage or network disruptions.
Guest cluster availability enhancements
Online resizing, host-level backups, and Hyper-V Replica support
Effectively control workload performance with built-in Storage QoS
Simple out-of-the-box behavior that mitigates “noisy neighbor” issues. Highly customizable via policy, deliver granular performance guarantees on a per-VM or per-tenant basis. Fully automated via System Center/PowerShell.
[Diagram. Labels: Hyper-V cluster; Node 1; Node 2; VHD; Storage resilience]
Best-in-class Linux support on Hyper-V
Broad support: Run Red Hat, SUSE, OpenSUSE, CentOS, Ubuntu, Debian and Oracle Linux, with full support.
Increased utilization: Run Windows and Linux side-by-side, driving up utilization and reducing hardware costs.
Enhanced networking: Highest levels of networking performance in Linux guests with virtual Receive Side Scaling (vRSS) support.
Storage enhancements: Hot-add and online-resize of storage for enhanced administration flexibility.
Better protection: Better-than-physical backup support for virtualized Linux guests on Hyper-V.
Simplified management: Single experience for managing, monitoring, and operating the infrastructure.
Spotlight capabilities
Hyper-V
How can I deliver on what my mission-critical apps need?
Deploy enterprise-grade software defined storage in Server 2016
Highest levels of scale, performance, and reliability
Microsoft Software-Defined Storage (SDS)
Today’s solution with Windows Server 2012 R2 and System Center 2012 R2
• Performance and scalability with SMB3 File Storage network
• Primary application data storage on cost effective, continuously available, high performance SMB3 file shares backed by tiered storage spaces
• Continuous availability and seamless scale-out with Scale-Out File Server
• Elastic, reliable, optimized with tiered storage spaces
• Low cost standard volume hardware
• Unified storage management with System Center
[Diagram. Labels: Hyper-V cluster; SMB3 storage network fabric; Scale-Out File Server cluster; Storage spaces; Shared JBOD storage; System Center]
NEW: Storage Spaces Direct
Software defined storage for private cloud using industry standard servers with local storage
Reliability, scalability, flexibility
• Fault tolerance to disk, enclosure, node failures
• Scale pools to large number of drives
• Simple and fine grained expansion
• Fast VM creation and efficient VM snapshots
Use cases
• Hyper-V IaaS storage
• Storage for backup and replication targets
• Hyper-converged (compute and storage together)
• Converged (compute and storage separate)
Cloud design points and management
• Standard servers with local storage
• New device types such as SATA and NVMe SSD
• Prescriptive hardware configurations
• Deploy/manage/monitor with SCVMM, SCOM & PowerShell
Storage Spaces Direct – Deployment Choice
Hyper-converged
• Compute and Storage resources together
• Compute and Storage scale and are managed together
• Typically small to medium sized scale-out deployments
Converged (Disaggregated)
• Compute and Storage resources separate
• Compute and Storage scale and are managed independently
• Typically larger scale-out deployments
[Diagram. Labels: Hyper-V cluster(s); SMB3 storage network fabric; Scale-Out File Server cluster]
Storage Quality of Service (QoS) – Greater efficiency
Control and monitor storage performance
Flexible and customizable
• Policy per VHD, VM, Service or Tenant
• Define Minimum & Maximum IOPs
• Fair distribution within policy
Simple out of box behavior
• Enabled by default for Scale Out File Server
• Automatic metrics (normalized IOPs & latency) per VM & VHD
Management
• System Center VMM and Ops Manager
• PowerShell built-in for Hyper-V and SOFS
[Diagram. Labels: Hyper-V Cluster; Virtual Machines; Rate Limiters; SMB3 Storage Network Fabric; Scale-out File Server Cluster; I/O Sched; Policy Manager]
Cluster OS Rolling Upgrade
Mixed OS mode is a new transition state for Failover Clusters
• Optimizations don’t run
• New features are not available
• Do not plan on running your cluster in Mixed OS Mode for longer than one month
[Diagram. Labels: Windows Server 2012 R2 Failover Cluster; Mixed OS Mode (2012 R2 & 2016) Failover Cluster; Windows Server 2016 Failover Cluster; System Center 2016]
Cluster OS Rolling Upgrade Process: Start with a Windows Server 2012 R2 cluster
• All nodes running Windows Server 2012 R2
• The workload supports Cluster OS Rolling Upgrade process
[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2012 R2 (×5)]
Cluster OS Rolling Upgrade Process: Migrate Workloads Off Cluster Node
• Pause | Drain the node
[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2012 R2 (×5)]
Cluster OS Rolling Upgrade Process: Evict Idle Cluster Node
[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2012 R2 (×5)]
Cluster OS Rolling Upgrade Process: Re-Provision Node
• Install New OS
• Install and Configure any Workload Requirements
[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2012 R2 (×4), Windows Server 2016 (×1)]
Cluster OS Rolling Upgrade Process: Re-Add Node To Cluster
• Using Cluster UI or PowerShell
• Cluster Functional Level Remains Windows Server 2012 R2
[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2012 R2 (×4), Windows Server 2016 (×1)]
Cluster OS Rolling Upgrade Process: Ready To Migrate Workloads Back
• Migrate workloads to Windows Server 2016 Node
• Validate functionality
[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2012 R2 (×4), Windows Server 2016 (×1)]
Cluster OS Rolling Upgrade Process: Repeat For Remaining Nodes
[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2016 (×4), Windows Server 2012 R2 (×1)]
Cluster OS Rolling Upgrade Process: All Nodes Are Upgraded
• Cluster Functional Level remains Windows Server 2012 R2
• Functionality is limited to Windows Server 2012 R2 levels
• Still possible to add a Windows Server 2012 R2 node to the cluster
[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2012 R2; node labels: Windows Server 2016 (×5)]
Cluster OS Rolling Upgrade Process: Upgrade Functional Level
• Cluster Functional Level upgraded to Windows Server 2016: Update-ClusterFunctionalLevel cmdlet
• New functionality added in Windows Server 2016 enabled
• No longer possible to add a Windows Server 2012 R2 node to the cluster
[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2016; node labels: Windows Server 2016 (×5)]
Cluster OS Rolling Upgrade Process: Upgrade is completed
[Diagram: Failover Cluster; Cluster Functional Level = Windows Server 2016; node labels: Windows Server 2016 (×5)]
Cluster OS Rolling Upgrade: Implementation
• Cluster components are versioned: ClusterFunctionalLevel property
• 2016 nodes can join a Windows Server 2012 R2 Cluster
• User-driven PowerShell cmdlet to upgrade the cluster: Update-ClusterFunctionalLevel
• All cluster resources receive upgrade notifications
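The rolling-upgrade steps above in PowerShell, as an added example that is not part of the original deck: two wrappers around the FailoverClusters cmdlets for the per-node steps, and a gate that refuses the one-way functional level upgrade while any node is not Up or is still on the old OS. The helper function names, node names and sample node data are hypothetical; the gate assumes ClusterFunctionalLevel 8 for Windows Server 2012 R2 and 9 for Windows Server 2016.

```powershell
# Added example; helper names, node names and sample data are constructed for illustration.
# ClusterFunctionalLevel values: 8 = Windows Server 2012 R2, 9 = Windows Server 2016.
$LevelNames = @{ 8 = 'Windows Server 2012 R2'; 9 = 'Windows Server 2016' }

function Test-ReadyForFunctionalLevelUpgrade {
    # Gate for the one-way step: every node must be Up and on the new OS.
    param(
        [Parameter(Mandatory)] [int] $ClusterFunctionalLevel,
        [Parameter(Mandatory)] [object[]] $Nodes
    )
    $blockers = @()
    if ($ClusterFunctionalLevel -ge 9) {
        $blockers += "Cluster is already at $($LevelNames[9]) functional level"
    }
    foreach ($n in $Nodes) {
        if ($n.MajorVersion -lt 10) {
            $blockers += "$($n.Name) still runs a pre-2016 OS (build $($n.BuildNumber))"
        }
        if ("$($n.State)" -ne 'Up') {
            $blockers += "$($n.Name) is $($n.State), expected Up"
        }
    }
    [pscustomobject]@{
        CurrentLevel = $LevelNames[$ClusterFunctionalLevel]
        Ready        = ($blockers.Count -eq 0)
        Blockers     = $blockers
    }
}

function Remove-NodeForReinstall {
    # "Pause | Drain the node", then "Evict Idle Cluster Node".
    param([Parameter(Mandatory)] [string] $NodeName)
    Suspend-ClusterNode -Name $NodeName -Drain -Wait
    Remove-ClusterNode -Name $NodeName -Force
    # The OS reinstall and workload prerequisites happen outside this script.
}

function Add-ReinstalledNode {
    # "Re-Add Node To Cluster"; the functional level stays at 2012 R2.
    param([Parameter(Mandatory)] [string] $NodeName)
    Add-ClusterNode -Name $NodeName
    Get-ClusterNode | Format-Table Name, State, MajorVersion, MinorVersion, BuildNumber
}

# Offline demonstration of the gate on constructed node records (mixed OS mode).
$sampleNodes = @(
    [pscustomobject]@{ Name = 'HV01'; State = 'Up';     MajorVersion = 10; BuildNumber = 14393 }
    [pscustomobject]@{ Name = 'HV02'; State = 'Paused'; MajorVersion = 10; BuildNumber = 14393 }
    [pscustomobject]@{ Name = 'HV03'; State = 'Up';     MajorVersion = 6;  BuildNumber = 9600 }
)
$check = Test-ReadyForFunctionalLevelUpgrade -ClusterFunctionalLevel 8 -Nodes $sampleNodes
$check | Format-List

# On a live cluster (requires the FailoverClusters module):
#   $c = Get-Cluster
#   $check = Test-ReadyForFunctionalLevelUpgrade `
#       -ClusterFunctionalLevel $c.ClusterFunctionalLevel -Nodes (Get-ClusterNode)
#   if ($check.Ready) { Update-ClusterFunctionalLevel -WhatIf }   # drop -WhatIf to commit
```

Running the gate before Update-ClusterFunctionalLevel matters because, as the slides state, a Windows Server 2012 R2 node can no longer be added once the level is raised.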
Demo: Rolling Cluster Upgrades
How can I protect my datacenter assets from emerging threats?
Protect your infrastructure from emerging threats
Hardware-rooted security for zero-trust environments
• Host Guardian Service
• Guarded Hosts
• Shielded VM
• Virtual secure mode
Need to maintain stewardship of corporate assets in the midst of emerging threats
Cybercrime costs US economy up to $140 billion annually, report says
Los Angeles Times [2014]
How hackers allegedly stole “unlimited” amounts of cash from banks in just a few hours
Ars Technica [2014]
The biggest cyberthreat to companies could come from the inside
Cnet [2015]
Cyberattacks on the rise against US corporations
New York Times [2014]
Espionage malware infects rafts of governments, industries around the world
Ars Technica [2014]
Forget carjacking, soon it will be carhacking
The Sydney Morning Herald [2014]
Malware burrows deep into computer BIOS to escape AV
The Register [September 2014]
1 Increasing incidents
2 Bigger motivations
3 Bigger risk
Challenges in protecting high-value assets
• Any seized or infected host administrators can access guest virtual machines
• Impossible to identify legitimate hosts without a hardware based verification
• Tenant VMs are exposed to storage and network attacks while unencrypted
[Diagram. Labels: Fabric; Hypervisor; Customer; Storage; Host OS; Guest VM; Legitimate host?]
Confidently protect sensitive customer data: Designed for ‘zero-trust’ environments
• Host Guardian Service: Enabler to run Shielded Virtual Machines on a legitimate host in the fabric
• Shielded VM: BitLocker enabled VM
• Virtual Secure Mode: Process and Memory access protection from the host
• Any seized or infected host administrators can access guest virtual machines
• Impossible to identify legitimate hosts without a hardware based verification
• Tenant VMs are exposed to storage and network attacks while unencrypted
• Hardware-rooted technologies to separate the guest operating system from host administrators
• Guarded fabric to identify legitimate hosts and certify them to run shielded tenant Generation 2 VMs
• Virtualized trusted platform module (vTPM) support to encrypt virtual machines
[Diagram. Labels: Host Guardian Service; Fabric; Hypervisor; Customer; Storage; Host OS; Guest VM; Trust the host]
Shielded VMs
Spotlight capabilities
• Shielded Virtual Machines can only run in fabrics that are designated as owners of that virtual machine
• Shielded Virtual Machines will need to be encrypted (by BitLocker or other means) in order to ensure that only the designated owners can run this virtual machine
• You can convert a running Generation 2 virtual machine into a Shielded Virtual Machine
[Diagram. Labels: Hyper-V; Host Guardian Service; Storage; HOST without TPM (generic host); HOST with TPM; Virtual hard disk; Shielded Virtual Machines]
How can I empower next-gen apps/services for my app owners?
Deploy next-gen application platform designed for distributed cloud applications
• Compute Infrastructure spectrum
• Azure Resource Model
• Docker/Linux integration with Windows Server and Azure
• Windows Server & Hyper-V Containers
• Nano Server (cloud infrastructure OS and container OS)
Compute infrastructure spectrum: Flexibility with control across on-premises and Azure
Microsoft Azure Microsoft Azure Stack
[on-premises | service provider]
Containers Virtual Machines Azure Service Fabric
What’s new in Azure IaaS: Azure Resource Manager
Consistent service delivery across Azure and on-premises datacenters
Declarative, infrastructure-agnostic approach for application deployment
• Infrastructure-as-code
• Management and deployment of infrastructure elements: VMs, storage accounts, NICs, LBs, virtual networks, and more
• Resource Group templates for ‘one-click’ deployments
• Supports RBAC and tagging
[Diagram. Labels: Gallery; Azure Resource Manager; Microsoft Azure; On-premises; Consistency; Describe, Deploy, Control]
Microsoft Azure Stack: Application Consistency
Future Proof Your Development Investments
Cloud Application: Write Once
Application Running in Azure in Microsoft Datacenters…
Cloud Application: Write Once
Same Application Running on Azure Stack in Your Datacenter…
Containers.
The tension between developers and IT
How do you empower developers to create innovative applications at a competitive rate without disrupting IT’s ability to manage servers and maintain control?
Developers need to create applications at a competitive rate without worrying about IT
New applications run smoothly on developer’s machines, but malfunction in traditional IT server
Developer productivity and application innovation become suspended
IT needs to manage servers and maintain compliance with little disruption
IT unsure of how to integrate unfamiliar applications, require help from developers
IT is unable to focus on server protection and application compliance
Developers IT
What is a container?
Traditional virtual machines = Hardware virtualization
Containers = Operating system virtualization
[Diagram. Labels: Hardware; VM; Application; OS; Kernel; Processes; CONTAINER]
Demo: Windows Server Containers
And one more “little” thing: Nano Server
• A new headless, 64-bit only, deployment option for Windows Server
• Deep refactoring focused on
  • CloudOS infrastructure
  • Born-in-the-cloud applications
[Diagram. Labels: Nano Server; Server Core; Server with a Desktop Exp]
Container operating system environments
• Server Core: Traditional applications, Highly compatible
• Nano Server: Born-in-the-cloud applications, Highly optimized
And there is more…
What’s new in Windows Server 2016: https://technet.microsoft.com/library/dn765472.aspx
What’s new in System Center 2016: https://technet.microsoft.com/en-us/library/mt445442.aspx
Azure in your Datacenter: http://www.microsoft.com/en-us/server-cloud/products/azure-in-your-datacenter/
Summary
Where are we in Datacenter Evolution?
• Virtualization is mature. It’s about cloud.
Cloud: concerns vs. opportunities
• Concerns: Security, Shadow IT => lack of control
• Opportunities: Agility. Scale. Access. Disaster Recovery. Data Analytics, Machine Learning
Learn how to take back control from Shadow IT
• Assurance with Host Guardian Service and Shielded VMs
• Next-gen application platform with Open Source support, Containers and Nano Server
© 2014 Microsoft Corporation. All rights reserved.