Windows Azure Virtual Machine IntroductionZvezdan Pavković

MDC316

Virtual Machines: PaaS vs IaaS

Storage Non-Persistent StoragePersistent StorageEasily add additional storage.

Networking

Internal and Input Endpoints configured through service model.

Internal Endpoints are open by default.Access control with firewall on guest OS. Input endpoints controlled through portal, service model or API/Script.

Deployment

Stock VHDs.Build VHD directly in the cloud or build the VHD offsite and upload.

Primary Use

Stateless scale-out applications.Applications that require persistent storage to easily run in Windows Azure.

Windows Azure Virtual MachinesIT Pro experience

Support for key server applications

Easy storage manageability

High availability features

Advanced networking

Integration with compute PaaS

Azure Image Library (not the whole list)

Windows Server 2008 R2

Windows Server 2008 R2 with SQL Server 2012 Evaluation

Windows Server 2012

Biztalk Server 2013 Beta

OpenSUSE 12.1

CentOS 6.2

Ubuntu 12.04

SUSE Linux Enterprise Server 11 SP2

Supported Windows Server Applications

http://support.microsoft.com/kb/2721672

We will supportSUSE SLES 11 sp2Open SUSE 12.1CentOS 6.2 by OpenLogic* Ubuntu 12.04

Specific versions are endorsedIntegration ComponentsTesting and validation by partnersBring other variants at your own risk**

Linux on Windows Azure

*Image provided by OpenLogic based on CentOS 6.2**Integration Work will be needed

Virtual Machine Images and Disks

Persistent Disk Management

• C:\ = OS Disk• D:\ = Non-Persistent Cache Disk• E:\, F:\. G:\ ... Data Disks

Capability OS Disk Data Disk

Host Cache Default

ReadWrite None

Max Capacity 127 GB 1 TB

Imaging Capable Yes No

Hot Update Cache Setting Requires Reboot

Change Cache Without Reboot, Add/Remove without Reboot.

Disk Caching

Disk Type Default Supported

OS Disk ReadWrite Read-only and ReadWrite

Data Disk None None, Read-only and ReadWrite

Modify using Set-AzureOSDisk or Set-AzureDataDisk

Persistent Disks and Highly Durable

Windows Azure Storage

Windows Azure Storage (Disaster Recovery)

Virtual Machine

Persistent Disks and Highly Durable

Windows Azure Storage

Windows Azure Storage (Disaster Recovery)

Virtual Machine

Virtual Machine

Base OS image for new Virtual Machines

Sys-Prepped/Generalized/Read Only

Created by uploading or by capture

Writable Disks for Virtual Machines

Created during VM creation or during upload of existing VHDs.

Images and DisksOS Images

MicrosoftPartner User

Disks

OS Disks Data Disks

Image MobilityOn-Premises Cloud

MyApp.vhd

Bring Your Own Server/VHDOn-Premises

On Premises Virtual Server

MyApp.vhd

Cloud

Provision VM from Image or

Disk using portal, script or API

•

•

Imaging VMs in the CloudCloud

Base.VHD

Identical/similar deployment instances using common OS image

as start

Capture VM Saves Customized Image to Your Image Library

Tips on BYO Generalized Images

• Sysprep and “Generalize” is expected

• Do NOT put unattend.xml on the disk

• Do NOT install the Windows Azure Integration Components!!

• No WA Agent

Virtual Machines and Cloud Services

Cloud Service is a…

• Management

• Configuration

• Security

• Networking

• Service Model

boundary

Cloud Services, Roles, and Instances

INS

TAN

CES

RO

LES

VM 1 VM 2 VM 3WEB ROLE

VM 4 VM 5 VM…WORKER ROLE

Cloud Services with Virtual MachinesMultiple Virtual Machines can be hosted within the same cloud service

Cloud Service

Virtual Machine Availability

Service Level Agreements

What’s includedCompute Hardware failure (disk, cpu, memory)Datacenter failures - Network failure, power failureHardware upgrades, Software maintenance – Host OS UpdatesWhat is not includedVM Container crashes, Guest OS Updates

99.95% for multiple role instances4.38 hours of downtime per year

Availability set

Fault and Update DomainsFault Domains•Represent groups of resources anticipated to fail together•i.e. Same rack, same server•Fabric spreads instances across fault at least 2 fault domains

Update Domains•Represents groups of resources that will be updated together•Host OS updates honour service update domains•Specified in service definition•Default of 5 (up to 20)

Fabric spreads role instances across Update Domains and Fault Domains

Rack

Fault and Update Domains

Rack

Web Role

INSTANCE

INSTANCE

Worker Role

INSTANCE

INSTANCE

INSTANCE

INSTANCE

INSTANCE

INSTANCE

UD #1

UD #1

UD #2

UD #2

Virtual Machine Availability SetsUpdate Domains are honored by host OS updates

Rack Rack

Availability Set

Availability Set

Virtual Machine

Virtual Machine

Virtual Machine

Virtual Machine

IIS1

SQL1

IIS2

SQL2

UD #2

UD #2

UD #1

UD #1

SQL Server2

SQL Server1

End to End Highly Available SolutionRedundancy at every level

IIS Web Application

Web Role

IIS Web Application

Web Role

LB

SQ

L M

irro

ring

Internet

SQL-AVSET

IIS-AVSET

Windows Azure Networking

Virtual Machine Names and DNS

Bring your own DNS serverUse your on-premise DNS serversDeploy a DNS server in Windows AzureUse public DNS services

Windows Azure provided DNS Resolves VMs by name within the same cloud serviceMachine names are modeled explicitly and registered in the DNS service

Full control over machine names

Protocols and Endpoints

Port Forwarded EndpointsDirect communication to multiple VMs in the same cloud service

Support for All IP-Based Protocols (VM to VM)Instance-to-instance communicationTCP, UDP and ICMP, dynamic ports

UDP Traffic Supported in WALoad-balanced incoming traffic and allows outbound traffic

Custom Load Balancer Health ProbesHealth check with probe timeoutsHTTP based probing, allowing granular control of health checks

EndpointPublic PortLocal PortProtocol (TCP/UDP)Name

Port Forwarding Input EndpointsCloud App/Hosted Service

Single Public IP Per Cloud Service

Load Balanced Sets

Endpoint SetPublic PortLocal PortProtocol (TCP/UDP)Name

Cloud App

Load Balancer Custom ProbesLoad Balancer ProbeSet NameProtocol (TCP)Probe PortProbe Path(/healthcheck.aspx)

Looks for HTTP 200

Cloud App

DNS and Name Resolution

Windows Azure DNS ScenarioWindows Azure DNS Scenarios

A. Client-server applications using VMs

VM

SQL Reporting Service

VM

SQL Analysis Service

VM

SQL Service

Use your own DNS ScenarioUse your own DNS Scenarios

B. Hybrid connectivity with on-premise (DNS on-premise)

On-Premises Machine

Active Directory

Active Directory

SQL Service

Domain joined to On-Premises Network

On-Premises Machine

Business Components & Entities

On-Premises Machine

UI Process Components

Web Tier

Active Directory

Custom DNS ScenarioC. SharePoint with custom DNS (VM)

Internet

VM Role

SharePoint FrontEnd

VM Role

SharePoint FrontEnd

VM Role

Search and Indes

SQL Service

VM Role

DC DNS

VM Role

VM Role

SQL

VM Role

SQL

Local DNSS

QL M

irrorin

g

LB

Open User Access (Website)

Virtual Networks & Cross-premise connectivity

Cross-premise connectivity

Secure Site-to-Site Network Connectivity

Windows Azure Virtual Network

CLOUD ENTERPRISE

Data SynchronizationSQL Data Sync

Application-Layer Connectivity &

Messaging Service BusSecure Machine-to-

Machine ConnectivityWindows Azure Connect

Does Your App Need a Virtual Network? IP Address Requirements• Virtual Machines deployed into a virtual network have an

infinite DHCP lease

Hybrid On-Premises Cloud Apps• Requirement for connectivity between your data center

and the public cloud

Connectivity between cloud services• Deploying Active Directory in the Cloud or connecting a

PaaS to IaaS Service

Windows Azure

Windows Azure Virtual NetworkYour “virtual” branch office / datacenter in the cloud• Enables customers to extend their Enterprise

Networks into Windows Azure

• Networking on-ramp for migrating existing apps

and services to Windows Azure• Enables “hybrid” apps that span cloud/premises

A protected private virtual network in the cloud• Enables customers to setup secure private IPv4

networks fully contained within Windows Azure• IP address persistence• Inter-service DIP-to-DIP communication

The Branch Office

The Corp. HQ

IIS Servers

AD / DNS

SQL Servers

Exchange

The “virtual” branch office

The Virtual Network

in Windows AzureS2S VPN Device

S2S VPN Device

S2S VPN tunnel

BRK Gateway

S2S VPN tunnel

Virtual Network SummaryCustomer-managed private virtual networks within Windows Azure• “Bring your own IPv4 addresses”• Control over placement of Windows Azure Roles within the network• Stable IPv4 addresses for VMs

Hosted VPN Gateway enables site-to-site connectivity• Automated provisioning & management• Support existing on-premises VPN devices

Use on-premise DNS servers for name resolution• Enables customers to use their on-premise DNS servers for name resolution• Enables VMs running in Windows Azure to be joined to corporate domains running

on-premise (use your on-premise Active Directory)

Related contentILL-AZR201 - Getting to Know Windows Azure IaaS, part 1ILL-AZR201 - Getting to Know Windows Azure IaaS, part 2DBI334 - Overview, Best Practices and Lessons Learned on Microsoft SQL Server in Windows Azure Virtual MachinesATC226 - Windows Azure Hybrid Architectures and PatternsMDC213 - Building Cloud Services with the Windows Azure Pack

Developer Network

Resources for Developers

http://msdn.microsoft.com/en-au/

Learning

Virtual Academy

http://www.microsoftvirtualacademy.com/

TechNet

Resources

Sessions on Demand

http://channel9.msdn.com/Events/TechEd/Australia/2013

Resources for IT Professionals

http://technet.microsoft.com/en-au/

© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.