Windows Azure: Verbinden, erweitern, integrieren Sie ihr Firmennetzwerk in die Cloud, Heike Ritter, Microsoft
Post on 05-Dec-2014
687 Views
Preview:
DESCRIPTION
Transcript
Windows Azure
IT Pro experience
Support for key server applications
Easy storage manageability
High availability features
Advanced networking
Integration with compute PaaS
Cloud Service is a management, configuration, security, networking and service model boundary
INST
AN
CES
RO
LES
Virtual Machines are roles with exactly one instance
Multiple Virtual Machines can be hosted within the same cloud service
Bring your own DNS server Use your on-premise DNS servers Deploy a DNS server in Windows Azure Use public DNS services
Windows Azure provided DNS Resolves VMs by name within the same cloud service Machine names are modeled explicitly and registered in the DNS service
Full control over machine names
Port Forwarded Endpoints Direct communication to multiple VMs in the same cloud app
Support for All IP-Based Protocols (VM to VM) Instance-to-instance communication TCP, UDP and ICMP, dynamic ports
UDP Traffic Supported in WA Load-balanced incoming traffic and allows outbound traffic
Custom Load Balancer Health Probes Health check with probe timeouts HTTP based probing, allowing granular control of health checks
Endpoint Public Port Local Port Protocol (TCP/UDP) Name
Cloud App/Hosted Service
Port Forwarding and RDP
Endpoint Set Public Port Local Port Protocol (TCP/UDP) Name
Cloud App
Load Balancer Probe Set Name Protocol (TCP) Probe Port Probe Path (/healthcheck.aspx) Looks for HTTP 200
Cloud App
Load Balanced Sets
Cross-premise Connectivity ENTERPRISE
Data Synchronization SQL Azure Data Sync
Application-layer Connectivity & Messaging
Service Bus
Secure Machine-to-Machine Network Connectivity
Windows Azure Connect
Secure Site-to-Site Network Connectivity
Windows Azure Virtual Network
Your “virtual” branch office/ datacenter in the cloud Enables customers to extend their Enterprise Networks into Azure Networking on-ramp for migrating existing apps and services to Windows Azure Enables “hybrid” apps that span cloud and their premises
A protected private virtual network in the cloud Enables customers to setup secure private IPv4 networks fully contained within Windows Azure IP address persistence Inter-service DIP-to-DIP communication
VNET Provides Direct Network Access
FrontEndSubnet (10.3.1.0/24)
BackEndSubnet (10.3.3.0/24)
IIS Servers
Fabrikam-CloudSvc
Fabrikam-CloudApps SQL Mirror
DNSSubnet (10.3.2.0/24)
APPVNET – Virtual Network (10.3.0.0/16)
Corp-OnPrem (192.168.1.0/24)
192.168.1.6 (Local AD)
Fabrikam-CloudDC
AD Data Access
VNET Gateway
Mixed Mode: VM and PaaS Roles in the Same Cloud Service Simple, secure and highly efficient method of using IaaS and PaaS side-by-side
Direct Connectivity Using Virtual Networking For advanced connectivity scenarios such as Active Directory or DCOM
Connect Cloud Apps via VIPs Easily compose services by connecting public endpoints
Strengths Simplicity VIP Swap (stateless roles) Easy Local Dev/Test Persistent Service is Easily Accessible (even from other services!)
SQL Data Access Traffic
Through Public Endpoint
Weaknesses Higher Latency Less Secure Management/ Deployment Overhead
WA Web Role
Cloud Service 1
Cloud Service 2
SQL Server
Load Balancer
Secure Endpoints with Firewall
Load Balancer
Strengths More Secure Low Latency Cloud Service Autonomy VIP Swap (stateless roles) Advanced Connectivity Requirements
Weaknesses VNET Complexity No Windows Azure provided DNS
Direct Access via VNET
FrontEndSubnet (10.0.0.0/16)
SQLSubnet (10.1.0.0/16)
Load Balancer
WA Web Role
Cloud Service1
Cloud Service 2
AD
SQL Mirror
AD Subnet
(10.2.0.0/16)
ContosoVNet (10.0.0.0/8)
VNET Provides Direct Network Access
FrontEndSubnet (10.3.1.0/24)
BackEndSubnet (10.3.3.0/24)
Fabrikam-CloudSvc
Fabrikam-CloudApps SQL Mirror
DNSSubnet (10.3.2.0/24)
APPVNET – Virtual Network (10.3.0.0/16)
Corp-OnPrem (192.168.1.0/24)
192.168.1.6 (Local AD)
Fabrikam-CloudDC
AD
WA Web Roles
Data Access
VNET Provides Direct Network Access
FrontEndSubnet (10.3.1.0/24)
Fabrikam-CloudSvc
DNSSubnet (10.3.2.0/24)
APPVNET – Virtual Network (10.3.0.0/16) Corp-OnPrem
(192.168.1.0/24)
192.168.1.6 (Local AD)
Fabrikam-CloudDC
AD WA Web Roles
Windows Azure SQL Database
Data Access
IT Pro experience
Support for key server applications
Easy storage manageability
High availability features
Advanced networking
Integration with compute PaaS
top related