Windows Azure Virtual Machines
Karthikeyan Anbarasan (Karthik), Microsoft MVP, Founder – F5debug Inc. Twitter: @f5debug
Jan 14, 2015
A Continuous Offering From Private to Public Cloud
(Diagram labels: Physical, Virtual, IaaS, PaaS, SaaS)
Windows Azure Virtual Machines
Support for key server applications
Easy storage manageability
High availability features
Advanced networking
Integration with compute PaaS
IaaS Workloads – all about the app
• Line of Business Applications: Custom Applications, CRM, CMS, ERP, Business Intelligence
• Application Infrastructure: File Servers, Databases, Identity, Source Control
• Developer, Test and Staging Environments: Quickly Provision and Un-provision Entire Environments
• Hybrid Applications: Applications that span your data center and the cloud
Images Available
Windows Server 2008 R2
Windows Server 2008 R2 with SQL Server 2012 Evaluation
Windows Server 2012, BizTalk Server, SharePoint Server
OpenSUSE 13.04
CentOS 6.3
Ubuntu 12.04
SUSE Linux Enterprise Server SP2
Getting Started with VMs
Cloud First Provisioning
• Getting Started: Management Portal, Scripting (Windows, Linux and Mac), REST API
• Select Image and VM Size: Extra Small, Small, Medium, Large, X-Large
• New Disk Persisted in Storage (Cloud, Blob Storage)
• Boot VM from New Disk: Windows Server, Linux
Bring Your Own Server/VHD
• On-Premises: On Premises Virtual Server, MyApp.vhd
• Cloud: Blob Storage
• Provision VM from Image or Disk using portal, script or API
Use Case
• Forklift Migration of VMs
• Sys Prepped Images
VHD Must Be Fixed Disk * CSUpload Can Convert on Upload
Imaging VMs in the Cloud
• Identical/similar deployment instances using common OS image as start
• Capture VM Saves Customized Image to Your Image Library
(Diagram labels: Cloud, Blob Storage, Base.VHD)
Image Mobility
(Diagram labels: On-Premises, Cloud, Blob Storage, MyApp.vhd)
Disks and Images
OS Images
• Microsoft
• Partner
• User
Base OS image for new Virtual Machines. Sys-Prepped/Generalized/Read Only. Created by uploading or by capture.
Disks
• OS Disks
• Data Disks
Writable Disks for Virtual Machines. Created during VM creation or during upload of existing VHDs.
Persistent Disks and Highly Durable
Windows Azure Storage
Windows Azure Storage (Disaster Recovery)
Virtual Machine
Virtual Machine Sizes
Each Persistent Data Disk Can be up to 1 TB
VM Size       CPU Cores   Memory    Bandwidth (Mbps)   # Data Disks
Extra Small   Shared      768 MB    5                  1
Small         1           1.75 GB   100                2
Medium        2           3.5 GB    200                4
Large         4           7 GB      400                8
Extra Large   8           14 GB     800                16
Disk Caching
Disk Type   Default     Supported
OS Disk     ReadWrite   ReadOnly and ReadWrite
Data Disk   None        None, ReadOnly and ReadWrite
Modify using Set-AzureOSDisk or Set-AzureDataDisk
VM Management and Automation
Active Directory Group Policy
Windows Remote Management (WinRM)
SCOM 2012 Support for Managing Virtual Machines
Full REST API for Programmatic Automation and Management
Windows Azure PowerShell Cmdlets
Cross Platform Scripting (Linux, Mac and Windows)
Windows Azure Monitoring Service (On Roadmap)
Scripting Capabilities
Full Support for IaaS at spring launch
• Windows Azure PowerShell Cmdlets
• Cross Platform Scripting Built on node.js
Capabilities
• Provisioning, Removal
• Reboot, Start
• Import and Export VM settings
• Support for Windows and Linux VMs
• Domain Join at Provision for Windows
• Fully Customize VM with Data Disks and Endpoint Configuration
• Automate Virtual Network Settings
Demo
Getting Started with VMs
Virtual Machine Networking
Virtual Machine Names and DNS
Full Control Over Machine Names
Windows Azure provided DNS
• Resolves VMs by name within the same cloud service
• Machine names are modeled explicitly and registered in the DNS service
Bring Your Own DNS Server
• Use your on-premises DNS servers
• Deploy a DNS server in Windows Azure
• Use public DNS services
Load Balanced Sets
Endpoint Set
• Public Port
• Local Port
• Protocol (TCP/UDP)
• Name
(Diagram labels: Cloud App, PORT 80)
Load Balancer Custom Probes
Load Balancer Probe
• Set Name
• Probe Protocol (HTTP/TCP)
• Probe Port
• Probe Path (/healthcheck.aspx)
Looks for HTTP 200 (Omit Probe Path for TCP)
(Diagram labels: Cloud App, PORT 80)
Virtual Machine Availability
Service Level Agreements
What’s included
• Compute Hardware failure (disk, cpu, memory)
• Datacenter failures - Network failure, power failure
• Hardware upgrades, Software maintenance – Host OS Updates
• Planned downtime – 6 day notice, 6 hour window, 25 minute downtime
What is not included
• VM crashes caused by 3rd party software, Guest OS Updates
99.95% for multiple role instances
• 4.38 hours of downtime per year
Fault and Update Domains
Fault Domains
• Represent groups of resources anticipated to fail together, i.e. same rack, same server
• Fabric spreads instances across at least 2 fault domains
Update Domains
• Represent groups of resources that will be updated together
• Host OS updates honour service update domains
• Specified in service definition
• Default of 5 (up to 20)
Fabric spreads role instances across Update Domains and Fault Domains
(Diagram: Fault and Update Domains. Two fault domains, each a rack, holding instances assigned to UD #1 and UD #2)
Virtual Machine Availability Sets
• Update Domains are honored by host OS updates
(Diagram: two fault domains, each a rack, hosting virtual machines IIS1, SQL1, IIS2 and SQL2, assigned to UD #1 and UD #2)
How Does this Relate to SLA?
• SLA 99.95
• Availability set: SQL Server Primary and SQL Server Secondary, each a Persistent VM Role
End to End Highly Available Solution
• Redundancy at every level
(Diagram labels: Internet, LB, IIS Web Application (Web Role) twice, IIS-AVSET, SQL-AVSET, SQLServer twice, SQL Mirroring)
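The fault-domain and update-domain rules from the slides above can be checked mechanically. The following is an added example, not part of the original slides: it audits a constructed placement and reports any tier that a single rack failure or a single update-domain reboot would take fully offline. The VM and availability-set names follow the slides; AD1 and the FD/UD numbers are assumptions.

```python
from collections import defaultdict

# Constructed placement modelled on the availability-set slide; the FD/UD
# numbers are assumptions, not values read from a real deployment.
PLACEMENT = [
    {"vm": "IIS1", "avset": "IIS-AVSET", "fd": 0, "ud": 0},
    {"vm": "IIS2", "avset": "IIS-AVSET", "fd": 1, "ud": 1},
    {"vm": "SQL1", "avset": "SQL-AVSET", "fd": 0, "ud": 0},
    {"vm": "SQL2", "avset": "SQL-AVSET", "fd": 1, "ud": 1},
    {"vm": "AD1", "avset": None, "fd": 0, "ud": 0},  # hypothetical standalone VM
]


def survivors(vms, key, value):
    """VMs still running when every host in one domain (fd or ud) is down."""
    return [v["vm"] for v in vms if v[key] != value]


def audit(placement):
    """Return {tier: [findings]} for tiers that one rack failure or one
    update-domain reboot would take fully offline."""
    tiers = defaultdict(list)
    for v in placement:
        # A VM outside any availability set is its own single-instance tier.
        tiers[v["avset"] or f"standalone:{v['vm']}"].append(v)
    findings = {}
    for tier, vms in tiers.items():
        problems = []
        if len(vms) < 2:
            problems.append("single instance")
        for key, label in (("fd", "fault domain"), ("ud", "update domain")):
            for value in sorted({v[key] for v in vms}):
                if not survivors(vms, key, value):
                    problems.append(f"all instances in {label} {value}")
        if problems:
            findings[tier] = problems
    return findings


if __name__ == "__main__":
    for tier, problems in audit(PLACEMENT).items():
        print(tier, "->", "; ".join(problems))
```
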
Windows Azure Virtual Networks
Cross-premise Connectivity
• Data Synchronization: SQL Azure Data Sync
• Application-layer Connectivity & Messaging: Service Bus
• Secure Machine-to-Machine Network Connectivity: Windows Azure Connect
• Secure Site-to-Site Network Connectivity: Windows Azure Virtual Network
(Diagram labels: CLOUD, ENTERPRISE, Corpnet, IP-level connectivity)
Windows Azure Virtual Network
Your “virtual” branch office / datacenter in the cloud
• Enables customers to extend their Enterprise Networks into Windows Azure
• Networking on-ramp for migrating existing apps and services to Windows Azure
• Enables “hybrid” apps that span cloud and their premises
A protected private virtual network in the cloud
• Enables customers to set up secure private IPv4 networks fully contained within Windows Azure
• IP address persistence
• Inter-service DIP-to-DIP communication
(Diagram labels: Subnet 1, Subnet 2)
Virtual Networks Scenarios
• Hybrid Public/Private Cloud: Enterprise app in Windows Azure requiring connectivity to on-premise resources
• Enterprise Identity and Access Control: Manage identity and access control with on-premise resources (on-premises Active Directory)
• Monitoring and Management: Remote monitoring and trouble-shooting of resources running in Windows Azure
• Advanced Connectivity Requirements: Cloud deployments requiring persistent IP addresses and direct connectivity across services
Supported VPN Device List
Cisco
Platform                                         OS Family           Examples
ASA 5500 Series (Adaptive Security Appliances)   ASA Software 8.4+   5505, 5550
ASR 1000 Series Aggregation Services Routers     IOS XE 2.1+         1002
ISR Series Integrated Services Routers           IOS 12.2+           2801, 2901, 2911
Juniper
Platform             OS Family       Examples
SRX Series Routers   JunOS 10.2+     210, 650
J Series Routers     JunOS 9.4+      4350
ISG Series Routers   ScreenOS 6.2+   SX2
SSG Series Routers   ScreenOS 6.2+   550
Generic VPN devices must support
• IKE v1
• AES 128, 256
• SHA1, SHA2
IaaS and PaaS – Better Together
The Benefits of PaaS
PaaS is cheaper
• Reason: There’s less admin and management work to do
• Benefit: Organizations spend less supporting applications
PaaS is faster
• Reason: There’s less work for developers to do
• Benefit: Applications can go from idea to availability more quickly
PaaS is lower risk
• Reason: The platform does more, leaving fewer opportunities for error
• Benefit: Creating and running applications gets more reliable
IaaS and PaaS Side by Side
• Direct Connectivity Using Virtual Networking: For advanced connectivity scenarios such as Active Directory or DCOM
• Connect Cloud Apps via VIPs: Easily compose services by connecting public endpoints
Connecting Applications and VMs
SQL Data Access Traffic Through Public Endpoint
Strengths
• Simplicity
• Tenant Autonomy
• VIP Swap (cloud services)
• Easy Local Dev/Test
Weaknesses
• Higher Latency
• Less Secure
• Management/Deployment Overhead
Secure Endpoints with Windows Server Firewall
(Diagram labels: Cloud Service or Web Site, Load Balancer, 80, Cloud Service, SQL Server, Load Balancer, 2001-1433)
Connecting Cloud Services with VNET
Direct Access via VNET
Strengths
• Protect VMs from the open Internet
• Lower Latency
• VIP Swap (web / worker roles)
• Advanced Connectivity Requirements
Weaknesses
• VNET Complexity
• Windows Azure Provided DNS does not span cloud services
(Diagram labels: Load Balancer, 80, Web or Worker, Cloud Service1, Cloud Service 2, AD, SQL Mirror, AppSubnet (10.0.0.0/16), SQLSubnet (10.1.0.0/16), Subnet (10.2.0.0/16), ContosoVNet (10.0.0.0/8))
Summary
Support for key server applications
Easy storage manageability
High availability features
Advanced networking
Integration with compute PaaS
Demo
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.