Windows Azure Virtual Machines
Support for key server applications
Easy storage manageability
High availability features
Advanced networking
Integration with compute PaaS
IaaS Workloads – all about the app
Line of Business Applications: Custom Applications, CRM, CMS, ERP, Business Intelligence
Application Infrastructure: File Servers, Databases, Identity, Source Control
Developer, Test and Staging Environments: Quickly Provision and Un-provision Entire Environments
Hybrid Applications: Applications that span your data center and the cloud
Virtual Machine vs VM Role
Storage
    VM Role: Non-Persistent Storage
    Virtual Machine: Persistent Storage. Easily add additional storage
Deployment
    VM Role: Build VHD offsite and upload to storage.
    Virtual Machine: Build VHD directly in the cloud or build the VHD offsite and upload
Networking
    VM Role: Internal and Input Endpoints configured through service model.
    Virtual Machine: Model Endpoints through the portal or through automation (PowerShell/Bash)
Primary Use
    VM Role: Deploying applications with long or complex installation requirements into stateless PaaS applications
    Virtual Machine: Applications that require persistent storage to easily run in Windows Azure.
Images Available at Preview
• Windows Server 2008 R2
• Windows Server 2008 R2 with SQL Server 2012 Evaluation
• Windows Server 2012
• OpenSUSE 12.1
• CentOS 6.2
• Ubuntu 12.04
• SUSE Linux Enterprise Server SP2
Cloud First Provisioning
Getting Started: Management Portal, Scripting (Windows, Linux and Mac), REST API
Select Image and VM Size: Windows Server, Linux; Extra Small, Small, Medium, Large, X-Large
New Disk Persisted in Storage (Cloud, Blob Storage)
Boot VM from New Disk
Bring Your Own Server/VHD
On-Premises: On Premises Virtual Server (MyApp.vhd)
Cloud: Blob Storage
Provision VM from Image or Disk using portal, script or API
Use Case
• Forklift Migration of VMs
• Sys Prepped Images
VHD Must Be Fixed Disk *
* CSUpload Can Convert on Upload
Imaging VMs in the Cloud
Cloud: Blob Storage (Base.VHD)
Identical/similar deployment instances using common OS image as start
Capture VM Saves Customized Image to Your Image Library
Disks and Images
OS Images
• Microsoft
• Partner
• User
Base OS image for new Virtual Machines
Sys-Prepped/Generalized/Read Only
Created by uploading or by capture
Disks
• OS Disks
• Data Disks
Writable Disks for Virtual Machines
Created during VM creation or during upload of existing VHDs.
Persistent Disk Management
• C:\ = OS Disk
• D:\ = Non-Persistent Cache Disk
• E:\, F:\, G:\ ... Data Disks
Capability           OS Disk                         Data Disk
Host Cache Default   ReadWrite                       None
Max Capacity         127 GB                          1 TB
Imaging Capable      Yes                             No
Hot Update           Cache Setting Requires Reboot   Change Cache Without Reboot, Add/Remove without Reboot.
Persistent Disks and Highly Durable
Windows Azure Storage
Windows Azure Storage (Disaster Recovery)
Virtual Machine
Virtual Machine Sizes
Each Persistent Data Disk Can be up to 1 TB
VM Size       CPU Cores   Memory    Bandwidth (Mbps)   # Data Disks
Extra Small   Shared      768 MB    5                  1
Small         1           1.75 GB   100                2
Medium        2           3.5 GB    200                4
Large         4           7 GB      400                8
Extra Large   8           14 GB     800                16
Disk Caching
Disk Type   Default     Supported
OS Disk     ReadWrite   ReadOnly and ReadWrite
Data Disk   None        None, ReadOnly and ReadWrite
Modify using Set-AzureOSDisk or Set-AzureDataDisk
VM Management and Automation
Active Directory Group Policy
Windows Remote Management (WinRM)
SCOM 2012 Support for Managing Virtual Machines
Full REST API for Programmatic Automation and Management
Windows Azure PowerShell Cmdlets
Cross Platform Scripting (Linux, Mac and Windows)
Windows Azure Monitoring Service (On Roadmap)
Scripting Capabilities
Full Support for IaaS at spring launch
• Windows Azure PowerShell Cmdlets
• Cross Platform Scripting Built on node.js
Capabilities
• Provisioning, Removal
• Reboot, Start
• Import and Export VM settings
• Support for Windows and Linux VMs
• Domain Join at Provision for Windows
• Fully Customize VM with Data Disks and Endpoint Configuration
• Automate Virtual Network Settings
Cloud Services, Roles and Instances
Cloud Service is a management, configuration, security, networking and service model boundary
[Diagram labels: CLOUD SERVICE; ROLES; INSTANCES; VM1, VM2, VM3, VM4, VM5, VM…]
Cloud Services with Virtual Machines
Multiple Virtual Machines can be hosted within the same cloud service
[Diagram labels: CLOUD SERVICE; VM, VM]
Virtual Machine Names and DNS
Full Control Over Machine Names
Windows Azure provided DNS
• Resolves VMs by name within the same cloud service
• Machine names are modeled explicitly and registered in the DNS service
Bring Your Own DNS Server
• Use your on-premises DNS servers
• Deploy a DNS server in Windows Azure
• Use public DNS services
Protocols and Endpoints
UDP Traffic Supported in WA
• Load-balanced incoming traffic and allows outbound traffic
Support for All IP-Based Protocols (VM to VM)
• Instance-to-instance communication
• TCP, UDP and ICMP, dynamic ports
Port Forwarded Endpoints
• Direct communication to multiple VMs in the same cloud app
Custom Load Balancer Health Probes
• Health check with probe timeouts
• HTTP based probing, allowing granular control of health checks
Port Forwarding Input Endpoints
Single Public IP Per Cloud Service
Cloud App / Hosted Service
Endpoint
• Public Port
• Local Port
• Protocol (TCP/UDP)
• Name
[Diagram labels: PORT 3389, PORT 5586, PORT 5587]
Load Balancer Custom Probes
Cloud App
Load Balancer Probe
• Set Name
• Probe Protocol (HTTP/TCP)
• Probe Port
• Probe Path (/healthcheck.aspx)
Looks for HTTP 200 (Omit Probe Path for TCP)
[Diagram label: PORT 80]
Service Level Agreements
99.9% for single role instances
• 8.75 hours of downtime per year
What’s included
• Compute Hardware failure (disk, cpu, memory)
• Datacenter failures - Network failure, power failure
• Hardware upgrades, Software maintenance – Host OS Updates
• Planned downtime – 6 day notice, 6 hour window, 25 minute downtime
What is not included
• VM crashes caused by 3rd party software, Guest OS Updates
99.95% for multiple role instances
• 4.38 hours of downtime per year
Fault and Update Domains
Fault Domains
• Represent groups of resources anticipated to fail together, i.e. same rack, same server
• Fabric spreads instances across at least 2 fault domains
Update Domains
• Represent groups of resources that will be updated together
• Host OS updates honour service update domains
• Specified in service definition
• Default of 5 (up to 20)
Fabric spreads role instances across Update Domains and Fault Domains
[Diagram: Fault and Update Domains. Two Fault Domains (Rack), each holding INSTANCE boxes labelled UD #1 and UD #2]
Virtual Machine Availability Sets
Update Domains are honored by host OS updates
[Diagram: two Fault Domains (Rack) holding Virtual Machines IIS1, SQL1, IIS2, SQL2, labelled UD #1 and UD #2]
How Does this Relate to SLA?
[Diagram labels: SQL Server, SLA 99.9; SQL Server Primary and SQL Server Secondary in an Availability set, SLA 99.95; Persistent VM Role]
End to End Highly Available Solution
Redundancy at every level
[Diagram labels: Internet; LB; IIS Web Application (Web Role) x2, IIS-AVSET; SQLServer x2, SQL Mirroring, SQL-AVSET]
Cross-premise Connectivity
Data Synchronization: SQL Azure Data Sync
Application-layer Connectivity & Messaging: Service Bus
Secure Machine-to-Machine Network Connectivity: Windows Azure Connect
Secure Site-to-Site Network Connectivity: Windows Azure Virtual Network
IP-level connectivity
[Diagram labels: CLOUD, ENTERPRISE]
Windows Azure Virtual Network
Your “virtual” branch office / datacenter in the cloud
• Enables customers to extend their Enterprise Networks into Windows Azure
• Networking on-ramp for migrating existing apps and services to Windows Azure
• Enables “hybrid” apps that span cloud and their premises
A protected private virtual network in the cloud
• Enables customers to setup secure private IPv4 networks fully contained within Windows Azure
• IP address persistence
• Inter-service DIP-to-DIP communication
[Diagram labels: Corpnet; Subnet 1, Subnet 2]
Virtual Networks Scenarios
Hybrid Public/Private Cloud
• Enterprise app in Windows Azure requiring connectivity to on-premise resources
Enterprise Identity and Access Control
• Manage identity and access control with on-premise resources (on-premises Active Directory)
Monitoring and Management
• Remote monitoring and trouble-shooting of resources running in Windows Azure
Advanced Connectivity Requirements
• Cloud deployments requiring persistent IP addresses and direct connectivity across services
Does Your App Need a Virtual Network?
Persistent IP Address Requirements
• Virtual Machines deployed into a virtual network have an infinite DHCP lease.
Hybrid On-Premises Cloud Apps
• Requirement for connectivity between your data center and the public cloud.
• Connectivity between cloud services.
• Deploying Active Directory in the Cloud or connecting a PaaS to IaaS Service.
[Diagram labels: Corpnet; Subnet 1, Subnet 2]
Supported VPN Device List
Cisco
Platform                                         OS Family           Examples
ASA 5500 Series (Adaptive Security Appliances)   ASA Software 8.4+   5505, 5550
ASR 1000 Series Aggregation Services Routers     IOS XE 2.1+         1002
ISR Series Integrated Services Routers           IOS 12.2+           2801, 2901, 2911
Juniper
Platform             OS Family       Examples
SRX Series Routers   JunOS 10.2+     210, 650
J Series Routers     JunOS 9.4+      4350
ISG Series Routers   ScreenOS 6.2+   SX2
SSG Series Routers   ScreenOS 6.2+   550
Generic VPN devices must support
• IKE v1
• AES 128, 256
• SHA1, SHA2
The Benefits of PaaS
PaaS is cheaper
• Reason: There’s less admin and management work to do
• Benefit: Organizations spend less supporting applications
PaaS is faster
• Reason: There’s less work for developers to do
• Benefit: Applications can go from idea to availability more quickly
PaaS is lower risk
• Reason: The platform does more, leaving fewer opportunities for error
• Benefit: Creating and running applications gets more reliable
IaaS and PaaS Side by Side
Direct Connectivity Using Virtual Networking
• For advanced connectivity scenarios such as Active Directory or DCOM
Connect Cloud Apps via VIPs
• Easily compose services by connecting public endpoints
Connecting Applications and VMs
SQL Data Access Traffic Through Public Endpoint
Strengths
• Simplicity
• Tenant Autonomy
• VIP Swap (cloud services)
• Easy Local Dev/Test
Weaknesses
• Higher Latency
• Less Secure
• Management/Deployment Overhead
Secure Endpoints with Windows Server Firewall
[Diagram labels: Cloud Service or Web Site, Load Balancer, 80; Cloud Service, SQL Server, Load Balancer, 2001-1433]
Connecting Cloud Services with VNET
Direct Access via VNET
Strengths
• Protect VMs from the open Internet
• Lower Latency
• VIP Swap (web / worker roles)
• Advanced Connectivity Requirements
Weaknesses
• VNET Complexity
• Windows Azure Provided DNS does not span cloud services
[Diagram labels: ContosoVNet (10.0.0.0/8); AppSubnet (10.0.0.0/16) with Cloud Service1, Web or Worker, Load Balancer, 80; SQLSubnet (10.1.0.0/16) with Cloud Service 2, SQL Mirror; AD Subnet (10.2.0.0/16) with AD]
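The endpoint model on the slides above (name, protocol, public port, local port, one public IP per cloud service) can be reviewed mechanically before deployment. The following is an added example, not part of the original deck: a small audit over a constructed endpoint list. The sensitive-port list, the `vm` and `lb_set` fields, and the reading of the "2001-1433" label as public port 2001 forwarded to local port 1433 are assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

# Assumed policy for this example: local ports that should stay off the Internet.
SENSITIVE_LOCAL_PORTS = {3389: "RDP", 1433: "SQL Server", 5985: "WinRM", 5986: "WinRM"}

@dataclass(frozen=True)
class Endpoint:
    name: str
    vm: str
    protocol: str            # "tcp" or "udp"
    public_port: int         # port on the cloud service's single public IP
    local_port: int          # port on the VM the traffic is forwarded to
    lb_set: Optional[str] = None   # hypothetical field: shared load-balanced set

def audit_endpoints(endpoints):
    """Return (kind, endpoint name(s), message) findings for a cloud service."""
    findings = []
    by_public = defaultdict(list)
    for ep in endpoints:
        by_public[(ep.protocol.lower(), ep.public_port)].append(ep)
        service = SENSITIVE_LOCAL_PORTS.get(ep.local_port)
        if service and ep.protocol.lower() == "tcp":
            # Forwarding from a non-default public port still exposes the service.
            note = "" if ep.public_port == ep.local_port else " (remapped public port does not hide it)"
            findings.append(("exposed", ep.name,
                f"{service} on {ep.vm} is reachable from the Internet via public port {ep.public_port}{note}"))
    # One public IP per cloud service: a public port can be shared only by one LB set.
    for (proto, port), eps in sorted(by_public.items()):
        lb_sets = {ep.lb_set for ep in eps}
        if len(eps) > 1 and (None in lb_sets or len(lb_sets) > 1):
            findings.append(("conflict", ", ".join(ep.name for ep in eps),
                f"{proto}/{port} is claimed by several endpoints that are not one load-balanced set"))
    return findings

# Constructed sample configuration, loosely following the port numbers on the slides.
SAMPLE = [
    Endpoint("web", "IIS1", "tcp", 80, 80, lb_set="web-lb"),
    Endpoint("web", "IIS2", "tcp", 80, 80, lb_set="web-lb"),
    Endpoint("rdp-iis1", "IIS1", "tcp", 5586, 3389),
    Endpoint("rdp-iis2", "IIS2", "tcp", 5587, 3389),
    Endpoint("sql", "SQL1", "tcp", 2001, 1433),
    Endpoint("sql-mirror", "SQL2", "tcp", 2001, 1433),
]

if __name__ == "__main__":
    for kind, name, message in audit_endpoints(SAMPLE):
        print(f"[{kind}] {name}: {message}")
```

Each "exposed" finding is a candidate for moving the traffic onto the virtual network or restricting it with the Windows Server Firewall, the two mitigations the slides name.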
Summary
Support for key server applications
Easy storage manageability
High availability features
Advanced networking
Integration with compute PaaS
© 2012 Microsoft Corporation. All rights reserved.