Petra Korica-Pehserl Infrastructure Architecture Evangelist Microsoft Österreich Inside Windows Azure Insights for IT-Pros ;-)
Disclaimer - some slides were taken from following presentations: Mark Russinovic - Inside Windows Azure: The Cloud Operating System - Ryan Dunn - Deploying, Troubleshooting, Managing and Monitoring Applications on Windows Azure Ryann Dunn - Integrating Applications on Windows Azure with the Enterprise - Joey Snow - An IT Pro View of Windows Azure - and TechReady 10 Jürgen Mayrbäurl and Petra Korica-Pehserl - Windows Azure - Architektenforum Microsoft Österreich
Agenda 09:00 – 09:50 09:50 – 10:00 10:00 – 11:15 11:15 – 11:30 11:30 – 12:45 12:45 – 13:45 13:45 – 15:00 15:00 – 15:15 15:15 – 16:30 16:30 – 17:30 MSDN Track Windows Phone 7 ist da! TechNet Track Hybride IT-Architektur Webcast Area All day Program am Event Keynote Break User Experience: Wie gestalte ich meine Windows Phone 7 Applikation Egal ob heiter oder wolkig - Business Process Management im Cloud-Computing Zeitalter Red Bull TV - Entwicklung einer Real World Windows Phone 7 Applikation in 70 Minuten Application Infrastructure Technologies - Extending On Premise EAI to the cloud Eigene Live Tiles, Geo Location, Push Notification und andere Phone Funktionen im Detail Windows Azure Insights for IT-Pros Labyrinth 4 phone 7 – Spieleentwicklung mit XNAHPC und Azure - Wie kann ich die Rechenleistung der Cloud fuer meine Analyse verwenden Community Drinks & Networking
Cloud Fundamentals Windows Azure Fundamentals Deployment Monitoring Integration with on-premise Infrastructure Agenda
Infrastructure as a Service (IaaS): basic compute and storage resources – On-demand servers – Amazon EC2, VMWare vCloud Platform as a Service (PaaS): cloud application infrastructure – On-demand application-hosting environment – E.g. Windows Azure; Google AppEngine, Salesforce.com, Software as a Service (SaaS): cloud applications – On-demand applications – E.g. Hotmail, Microsoft Office Web Companions Cloud Fundamentals
The Cloud is about cheap, on-demand capacity The Benefits of the Cloud = Managed for You Standalone Servers IaaS PaaS SaaS Applications Runtimes Database Operating System Virtualization Server Storage Networking Windows Azure
Windows Azure is an OS for the data center – Model: Treat the data center as a machine – Handles resource management, provisioning, and monitoring – Manages application lifecycle – Allows developers to concentrate on business logic Provides shared pool of compute, disk and network – Virtualized storage, compute and network – Illusion of boundless resources Provides common building blocks for distributed applications – Reliable queuing, simple structured storage, SQL storage – Application services like access control and connectivity Windows Azure
Windows Azure Components Windows Azure PaaS ApplicationsWindows Azure Service Model Runtimes.NET 3.5/4, ASP.NET, PHP Operating System Windows Server 2008 or 2008 R2- Compatible OS VirtualizationWindows Azure Hypervisor ServerMicrosoft Blades DatabaseSQL Azure StorageWindows Azure Storage (Blob, Queue, Table) NetworkingWindows Azure-Configured Networking
Configuration and deployment: – Certificate management (e.g. SSL) – Load-balanced public endpoints – Internal endpoint configuration and discovery Operations: – Remote desktop access management – Automated OS and runtime updates – Coordinated updates Availability: – Health monitoring – SLA guaranteed uptime Basic Windows Azure Functionality
Modeling Cloud Applications Front- End
A Windows Azure application is called a “service” – Definition information – Configuration information – At least one “role” Roles are like DLLs in the service “process” – Collection of code with an entry point that runs in its own virtual machine There are currently three role types: – Web Role: IIS7 and ASP.NET in Windows Azure-supplied OS – Worker Role: arbitrary code in Windows Azure-supplied OS – VM Role: uploaded VHD with customer-supplied OS The Windows Azure Service Model
Definition: – Role name – Role type – VM size (e.g. small, medium, etc.) – Network endpoints Code: – Web/Worker Role: Hosted DLL and other executables – VM Role: VHD Configuration: – Number of instances – Number of update and fault domains Role Contents
Service definition is in ServiceDefinition.csdef Service configuration is in ServiceConfiguration.cscfg Publish - CSPack program Zips service binaries and definition into service package file (service.cscfg) Service Model Files
Visual Studio Demo
Purpose: Ensure service stays up while updating and Windows Azure OS updates System considers update domains when upgrading a service – 1/Update domains = percent of service that will be offline – Default and max is 5, but you can override with upgradeDomainCount service definition property The Windows Azure SLA is based on at least two update domains and two role instances in each role Availability: Update Domains
Example Front -End- 1 Front -End- 2
Purpose: Avoid single points of failures – Similar concept to update domains – But you don’t control the updates Unit of failure based on data center topology – E.g. top-of-rack switch on a rack of machines Windows Azure considers fault domains when allocating service roles – 2 fault domains per service – Will try and spread roles out across more – E.g. don’t put all roles in same rack Availability: Fault Domains Front- End-1 Fault Domain 1 Fault Domain 2 Front- End-2 Middl e Tier- 2 Middl e Tier- 1 Fault Domain 3 Middl e Tier- 3
Service package uploaded to portal – Windows Azure Portal Service passes service package to “Red Dog Front End” (RDFE) Azure service – RDFE converts service package to native “RD” version RDFE sends service to Fabric Controller (FC) based on target region FC stores image in repository and deploys and activates service Deploying a Service to the Cloud: The 10,000 foot view
The “kernel” of the cloud operating system – Manages datacenter hardware – Manages Windows Azure services Four main responsibilities: – Datacenter resource allocation – Datacenter resource provisioning – Service lifecycle management – Service health management Inputs: – Description of the hardware and network resources it will control – Service model and binaries for cloud applications The Fabric Controller (FC) Server Datacenter
TORTOR LB PD U LB Racks Datacenter Routers Aggregation Routers and Load Balancers TORTOR PD U TORTOR TORTOR TORTOR TORTOR TORTOR TORTOR TORTOR TORTOR TORTOR TORTOR TORTOR TORTOR TORTOR ………… … Top of Rack Switches Power Distribution Units … Nodes
Windows Azure Datacenters
Cloud Fundamentals Windows Azure Fundamentals Deployment Monitoring Integration with on-premise Infrastructure Agenda
The Development Portal: Staging and Production.cloudapp.netmyapp.cloudapp.net
There are two update types: – In-place – VIP swap In-place update: – Supports changes to configuration or binaries, not service definition – Role instances upgraded one update domain at a time – Two modes: automatic and manual VIP swap update: – Service definition can change, but external endpoints must remain the same – New version of service deployed, external VIP/DIP mapping swapped with old Changes to external endpoint count require a new deployment Update Types Role A UD 1 Role A UD 2
Upgrades the entire service Turns the staging environment into the production, and production into staging Any existing state will be lost Deployment: VIP Swap myapp.cloudapp.net.cloudapp.net
Deployment: Removing a Service
Cloud Fundamentals Windows Azure Fundamentals Deployment Monitoring Integration with on-premise Infrastructure Agenda
Windows Azure Service Management Cmdlets
MMC Snapin providing graphical view of services, diagnostics, and storage Plugin-based, extensible Remotely configure diagnostics Download and view diagnostics Windows Azure MMC
Windows Azure MMC Demo
Windows Azure Diagnostics – IIS Logs, Crash Dumps, FREB Logs – Arbitrary log files – Performance Counters – Event Logs – Debug/Trace statements – Infrastructure events Windows Azure Monitoring Management Pack for SCOM – Available as RC now! – Monitors Health, Scales, and more Remote Desktop Monitoring
Remote Desktop Demo
Cloud Fundamentals Windows Azure Fundamentals Deployment Monitoring Integration with on-premise Infrastructure Agenda
Integration with on-premise Infrastructure VM role Windows Azure Virtual Network SQL Azure (Data Sync Update, Portal)
Upload your Hyper-V VHDs – Windows Server 2008 R2 With VM Role, the customer creates & maintains the OS Windows Azure does not automatically understand the health of the applications running in our VM Intended for long or complicated (manual) setups Access to the Fabric Controller API (Endpoint Discovery, Health reporting, on/off Load balancer, etc.) VM Role
Building OS Image
No – IaaS -> STATELESS! – Loss of data in case of HW failure! – Possibiltity of saving state: Windows Azure Drive Windows Azure Blob Storage SQL Azure – Diff Changes – possible to load changes (eg. patches) to a image without loading whole image! VM Role
Azure Virtual Network - Windows Azure Connect
Secure network connectivity between on-premises and cloud – Supports standard IP protocols Enterprise app migrated to Azure that requires connectivity to on- premises SQL Server – Migrate apps without requiring changes or relocating on-premises resources to be internet accessible Azure app domain-joined to on-premises Active Directory – Control access to Azure roles based on existing AD accounts and groups Remote administration and trouble-shooting of Azure roles – Remote PowerShell to access info from Azure instances Windows Azure Connect – Use Cases
Enable Azure Roles for external connectivity via service model Enable external computers for connectivity by installing Connect agent Network policy managed through Azure portal – Granular control of connectivity between Azure roles and external machines Automatic setup of secure IP-level network between connected role instances and external computers – Tunnel firewalls/NAT’s through hosted relay service – Secured via end-to-end IPSec – DNS name resolution Closer Look Role ARole B Role C (multiple VM’s) Azure Enterprise Dev machines Databases Relay
Connect plug-in supports domain-join of Azure Roles to on-premise Active Directory Scenarios enabled: – Log into Azure VM’s using domain accounts – Connect to on-premise SQL server using Windows Integrated Auth – Migrate LOB apps to cloud that assume domain-joined environment Process to enable: – Deploy Connect agent on DC / DNS server(s) For multiple DC environment, recommend creating dedicated Site for Azure – Configure Connect plug-in to automatically join Azure role instances to AD Specify credentials used for domain-join operation Specify target OU for Azure instances Specify list of domain users / groups to add to local Administrators group – Configure Connect network policy to enable connectivity between Azure roles and DC / DNS servers – New Role instances will automatically be domain-joined AD Domain Join
Windows Azure Connect Demo
SQL Server 2008 as core DB engine Shared infrastructure at SQL database and below – Request routing, security and isolation Scalable HA technology provides the glue – Automatic replication and failover Provisioning, metering and billing infrastructure Database in the Cloud - Architecture Provisioning (databases, accounts, roles, …), Metering, and Billing Machine 5 SQL Instance SQL DB User DB1 User DB2 User DB3 User DB4 Machine 6 SQL Instance SQL DB User DB1 User DB2 User DB3 User DB4 Machine 4 SQL Instance SQL DB User DB1 User DB2 User DB3 User DB4 Scalability and Availability: Fabric, Failover, Replication, and Load balancing
Database in the Cloud - Data Sync Sync SQL Azure to SQL Azure Sync SQL Azure Enterprise to Cloud Sync
SSMS/Huston Demo
Petra Korica-Pehserl Infrastructure Architecture Evangelist Microsoft Österreich Herzlichen Dank!