Microsoft Azure The cloud platform built for business
Mario Cavaldesi, Cloud Solution Architect
Cloud/On-Premises (Private Cloud) Comparison Chart
The next strategic opportunity is here
Cloud, Mobile, Social, Big data
How do you use technology to architect business innovation?
• Increased productivity
• Customer growth
• Real-time insights
• Embrace new models
Cloud & IT Strategy
Public Cloud Platforms
SaaS (Software as a Service)
Virtual, Physical
The Azure Platform Strategy
Public Cloud Platform
Operations
Hybrid
Security & Management
SaaS (Software as a Service): O365, CRM, VSO etc… + 3rd Party SaaS Solutions
Microsoft Azure Stack & Cloud Platform System
Public, Global, Shared Datacenters
Industry validation
“Microsoft’s comprehensive hybrid story, which spans applications and platforms as well as infrastructure, is highly attractive to many companies, drawing them towards the cloud in general.”
LYDIA LEONG, GARTNER
Microsoft Leads Everywhere…
Public Cloud IaaS (May 2015), Cloud Storage (June 2015), Enterprise App PaaS (Jan 2014), X86 Server Virt (July 2015), Operational DBMS Systems (Oct 2014)
Huge infrastructure scale is the enabler
24 Regions Worldwide, 22 ONLINE…huge capacity around the world…growing every year
• North Central US: Illinois
• North Europe: Ireland
• West Europe: Netherlands
• Canada Central: Toronto
• Central US: Iowa
• Canada East: Quebec City
• China North *: Beijing
• US Gov: Iowa
• Japan East: Saitama
• China South *: Shanghai
• West US: California
• East US: Virginia
• India Central: Pune
• Japan West: Osaka
• East US 2: Virginia
• South Central US: Texas
• India South: Chennai
• US Gov: Virginia
• India West: Mumbai
• East Asia: Hong Kong
• SE Asia: Singapore
• Australia East: New South Wales
• Brazil South: Sao Paulo
• Australia South East: Victoria
Map legend: Operational; Announced/Not Operational
* Operated by 21Vianet
• 100+ datacenters
• Top 3 networks in the world
• 2x AWS, 6x Google DC Regions
• G Series – Largest VM in World, 32 cores, 448GB Ram, SSD…
Azure compliance audits and certifications
Global
• ISO/IEC 27001
• SOC 1
• SOC 2
• PCI DSS L1 version 3
• Cloud Security Alliance Cloud Security Matrix
• ISO / IEC 27018
United States
• FedRAMP
• HIPAA (Healthcare)
• FIPS 140-2
• Life Sciences GxP
• Family Educational Rights & Privacy Act
Regional
• European Union: Model Clause
• United Kingdom: G-Cloud
• China: Multi Layer Protection Scheme
• China: CCCPPF
• Singapore: Multi-Tier Cloud Security
• Australian Signals Directorate: I-RAP Assessment
Coming soon
• Sarbanes Oxley
• Criminal Justice Information System
• Defense Information Systems Agency L2
• ITAR
• Defense Information Systems Agency L3-5
Azure momentum
• ~100,000 new Azure customer subscriptions/month
• 20 Million SQL database hours used every day
• >50 Trillion storage objects in Azure
• >5 Trillion storage transactions every month
• 425 Million Azure Active Directory users
• 60 Billion hits to websites run on Azure Web App Service
• 57% of Fortune 500 companies use Microsoft Azure
• 1 Trillion messages delivered every month with Event Hubs
Microsoft Private Cloud (on premises | hosted) and Microsoft Azure
Microsoft Azure Stack (on-premises/hosted) and Microsoft Azure
App innovation
Cloud-optimized application platform
Cloud-consistent service delivery
Cloud-inspired hybrid infrastructure
IaaS and PaaS based hosting options
Features:
• 99.95% Monthly SLA
• Support for Windows and Linux VMs
• Fault Isolation
• Elastic Capacity
• Open source support (Git, etc…)
• First class .Net Support
• Support for a variety of languages and frameworks - .net, node.js, java, php, python
WEB
• Modern web apps: Perfect if your app consists of client side markup and scripting, server side scripting and a database. Powerful capability to scale out and up as needed.
• Continuous development: Deploy directly from your source code repository, using Git or Team Foundation Service.
• Popular open source apps: Launch a professional looking site with a few clicks using apps like WordPress, Joomla!, Drupal, DotNetNuke and Umbraco
CLOUD
• Multi-tier applications: Cloud-based applications that separate application logic into multiple tiers (i.e. caching middle tier, asynchronous background processes like order processing) using both Web and Worker Roles
• Apps that require advanced administration: Cloud-based applications that require admin access, remote desktop access or elevated permissions
• Apps that require advanced networking: Cloud-based applications that require network isolation for use with Windows Azure Connect or Windows Azure Virtual Network
VIRTUAL
• Enterprise server applications: Run your existing enterprise applications in the cloud, such as SQL Server, SharePoint Server or Active Directory.
• Porting existing line of business apps: Choose an image from the library or upload your own VHD.
• Windows or Linux operating system: Support for Windows Server, along with community and commercial versions of Linux. Connect virtual machines with cloud services to take full advantage of PaaS services.
Infrastructure as a Service introduces new functionality that allows full control and management of both Windows and Linux virtual machines along with an extensive virtual networking offering.
• Easily migrate existing applications as-is to the cloud
• Start from a pre-built image from our image library
• Run enterprise applications such as SQL Server, SharePoint or Active Directory in the cloud
• Assist New Cloud App Development by Integrating IaaS and PaaS Functionality
• Upload your own VHD from on-premises.
• Easily create hybrid cloud and on-premises solutions with VPN connectivity between the Windows Azure Data Center and your own network.
• Create Your Own Customized Images
• Set up new virtual machines in Windows Azure with only a few clicks.
• Support for community and commercial versions of Linux
• Agentless Deployment for Windows Servers
• Move images back on premise as necessary
Microsoft Azure Certified: Ubuntu, Oracle Linux, SUSE, CentOS-Based, CoreOS, Community
• Cloud Service and Virtual Network
• Load Balancing
• VM Storage Architecture
• Availability Set
Cloud Services and Endpoints
• Enable connectivity to your Virtual Machines
• Route requests from Cloud Service to Virtual Machine using a public port and a private port
• Can be added to a Load-Balanced Set
• Can create a list of allowed/denied IP Address Ranges using Access Control List (ACL)
• Direct Endpoints
• Load Balanced Endpoints
• ACL set to Allow * (all) by default
• Public and Private Ports may vary
• Other Options
• Reserved Static IP for VM Instance
• Reserved IP for Cloud Service
Diagram labels: cloud service; SQL Client: Port 1455; Web Browser: Port 80; SQL; IIS
Azure Virtual Machine
• C:\ OS Disk
• D:\ Temporary Disk (Contents can be lost)
• E:\, F:\, etc. Data Disks
• Disk Cache
Azure Virtual Machine
• C:\ OS Disk
• D:\ Temporary Disk (Contents can be lost)
• E:\, F:\, etc. Data Disks
• G:\, H:\, etc. SMB Share
• Disk Cache
Virtual Machine Sizes
Compute Instance Name    Virtual Cores    RAM
Extra Small (A0)         Shared           768 MB
Small (A1)               1                1.75 GB
Medium (A2)              2                3.5 GB
Large (A3)               4                7 GB
Extra Large (A4)         8                14 GB
A5                       2                14 GB
A6                       4                28 GB
A7                       8                56 GB
A8                       8                56 GB
A9                       16               112 GB
D1                       1                3.5 GB
D2                       2                7 GB
D3                       4                14 GB
D4                       8                28 GB
D11                      2                14 GB
D12                      4                28 GB
D13                      8                56 GB
D14                      16               112 GB
G1                       2                28 GB
G2                       4                56 GB
G3                       8                112 GB
G4                       16               224 GB
G5                       32               448 GB
http://azure.microsoft.com/en-us/pricing/details/virtual-machines/
Each Persistent Data Disk Can be up to 1 TB with up to 32 disks per VM
UPDATE DOMAINS ARE HONORED BY HOST OS UPDATES
Multi Tier Application
Traffic Manager: DNS-based Load Balancing
• Performance - Direct to “closest” service based on network latency
• Round-robin - Distribute equally across all services
• Failover - Direct to “backup” service if primary fails (also included in other policies)
Diagram labels: Internet; www.yourapp.com; DNS Queries; Traffic Manager; BLOB Storage; Windows Azure Region 1; Windows Azure Region 2
Multiple NICs in Azure VMs
• Up to 4 NICs per VM
• Multiple NICs enable virtual appliances in Azure
Diagram labels: Azure Virtual Machine; NIC2: 10.2.3.33; NIC1: 10.2.2.22; Default: 10.2.1.11; VIP: 133.44.55.66; Internet
• MAC/IP addresses persist through VM life cycle
• Separate frontend-backend traffic, and management-data planes
Bring Your Appliances to the Cloud
Building blocks
• Multiple NICs
• MAC address persistence
“Azure Certified”
Appliance ecosystem
• Barracuda NG Firewall
• Citrix NetScaler
• Riverbed Steelhead, SteelApp, SteelStore
• More to come!
Visual Studio and MSDN
• Create and Debug a VM
• MSDN specific images for tools
Platform Services
Diagram groups: Security & Management; Hybrid Operations
Diagram services: Cloud Services; Service Fabric; Web Apps; API Apps; API Management; Logic Apps; Batch; Remote App; Mobile Apps; Notification Hubs; Visual Studio; Azure SDK; Team Project; Application Insights; Portal; Azure AD Connect Health; Active Directory; AD Privileged Identity Management; Multi-Factor Authentication; Backup; Storage Queues; Biztalk Services; Automation; HDInsight; Machine Learning; SQL Database; SQL Data Warehouse; Operational Insights; Hybrid Connections; Service Bus; Key Vault; Redis Cache; Import/Export; Data Factory; Event Hubs; Search; Store / Marketplace; Site Recovery; Stream Analytics; Mobile Engagement; DocumentDB; Tables; Media Services; Content Delivery Network (CDN); VM Image Gallery & VM Depot; StorSimple
Infrastructure Services
Designed for secure mission-critical applications
Optimized for Availability and Automatic scale
Agility through Continuous Deployment
Features: Hybrid Connections / VPN Support; Automated Deployment; Remote Debugging w/ Visual Studio; Scheduled Backup; AutoScale; Site Staging Slots; Azure Active Directory Integration; Built-in Load Balancing; Testing in Production; Site Resiliency, HA, and DR; WW Datacenter Coverage; Continuous Integration/Deployment; Web Jobs; End Point Monitoring & Alerts; Git, Visual Studio Online and GitHub; Role Based Access Control; App Gallery; App & Site Diagnostics; Audit / Compliance; DR Site Support; OS & Framework Patching; Enterprise Migration; WildCard Support; Site Extensions Gallery; Client Certs; Dedicated IP address; .NET, PHP, Python, Node, Java; Cache; HTTP Compression; Framework Installer; IP Restrictions/ SSL; CDN Support for Websites; Browser-based editing; Web Sockets; Premium WordPress; Auto-Healing; SQL, MySQL, DocDB, & Mongo; App Services Environments; Logging and Auditing; Sticky Sessions; Admin-Site; Authorization/ Authentication Support; Site Extension
All features and capabilities are shared across all App Service application types (Web, Mobile, and API)
Develop apps with… .NET, Node.js, PHP, Python, Java, Gallery
Azure
Contoso App
1) Developers
2) Code Repository
3) Build
4) Deploy to slot
5) Test
6) Swap
7) Deploy to Cloud
8) Monitor and Improve
Diagram labels: Developer 1; Developer 2; GitHub (VSO); Staging; Website Production; Swap; Testing in Prod. (100%, 80%, 20%)
WebJobs
AutoScale
Azure Site Recovery
One solution for multiple infrastructures
• On-premises to On-premises protection (Site-to-Site)
• On-premises to Azure protection (Site-to-Azure)
Diagram labels: Microsoft Azure Site Recovery; Orchestration and Replication; Download InMage Scout (NEW); Replication; Primary Site; Recovery Site; Hyper-V; VMware / Physical
Key features include:
• Automated VM protection and replication
• No-impact recovery plan testing
• Orchestrated recovery when needed
• Remote health monitoring
• Customizable recovery plans
• Replicate to – and recover in – Azure
• Near zero RPO
• Minimal RTO – few minutes to hours
• Heterogeneous physical and virtual support
Preview Deployment Architecture
Diagram labels: Customer 1; Customer 2; Process Server; Source: VMware VMs & Physical Servers; Data Channel; Microsoft Azure Site Recovery; Target: Microsoft Azure
• Process Server – Used for Caching, Compression & Encryption
• Config Server – Used for Centralized Management
• Master Target – Used as a repository & for retention
• Mobility Service – Captures all data writes from memory
Summary of Actions
Microsoft Azure StorSimple Big Picture
Diagram labels: ON-PREMISES DATA CENTER; CLOUD DATACENTER
Diagram labels: Cloud; Server; Series 8000 Hybrid Storage Array; StorSimple Virtual Appliance; StorSimple Manager; StorSimple Snapshot Manager Plug-in; Administrator
Secure data throughout the solution
• Cloud Account Access: Account authentication with User ID, Password
• Data At-rest: AES-256 bit encryption
• Data In-flight: AES-256 bit encryption
• Customer defined encryption keys stored on device: 2 x 512 bit keys
Diagram labels: IT administrator; StorSimple; StorSimple Virtual Appliance
Consolidated management of appliances
Diagram labels: StorSimple Manager; Physical Appliance; Physical Appliance; Virtual Appliance
(Service Data Encryption Key is generated, on device console, when first device is registered)
StorSimple Virtual Appliance
IT agility in Azure with StorSimple Virtual Appliance
The StorSimple Virtual Appliance facilitates data mobility of production datasets for the purpose of disaster recovery, on-demand development and test infrastructure, and Cloud applications.
The StorSimple Manager service provides workflows for failover of datasets for disaster recovery and clone workflows for replicating iSCSI production datasets in Azure for Cloud applications and development and test scenarios.
Diagram labels: VM; Data; Microsoft Azure; StorSimple Manager; Vol A; Vol B; Vol C; Vol D; iSCSI; Internet
DR to secondary datacenter or Virtual Appliance
Diagram labels: Microsoft Azure; StorSimple Virtual Appliance
Thin, Instant, Predictable
Location independent recovery from cloud snapshot
Cloud Snapshots: Periodic VSS consistent cloud snapshots of production data
Diagram labels: Production Data; Datacenter-1; Datacenter-2