05 Azure overview Using cloud principles v.2.0

Post on 07-Feb-2017


Azure Using Cloud Principles

Herman Keijzer

PTShermank@microsoft.com

FocusAzure V2

(ARM)

Cloud principles
• Freedom of choice
• Marketplaces
• Cloud Inspired Infrastructure
• Multi Vendor
• Hybrid
• Hyper scale
• Self-service
• Build in and on top of Security
• Build in Compliancy
• Automation
• Continuous Change
• Shared
• Software defined
• Scalable
• Pay per Use
• Build to fail
• Multi Vendor
• Lock in Reduction
• Open- and closed source
• Build in Security

Saving cost

[Figure: compute usage over a week (S M T W T F S) and over a year (J F M A M J J A S O N D) against the line "Capacity Needed (Max + 20%)", with an inactivity period marked]

On and Off Growing Fast Unpredictable Bursting Predictable Bursting 24x7 Steady

Save 20-30%

Save 60-80%

On and Off (30%)

Growing Fast (15%)

Unpredictable Bursting (25%)

Predictable Bursting (20%)

24x7 Steady (10%)

Your Application Portfolio – What Does it Look Like..?

[Figure: IAAS usage private vs public, showing server demand against resources required for private cloud and public cloud]

Putting cloud principles into practice

Dynamic scaling

Growing Fast Unpredictable Bursting Predictable Bursting

IAAS -> using VM scale sets
PAAS -> scale up / scale out in App services
PAAS -> SQL elastic pool

• Auto-Scalable
• Fast
• Customizable
• Windows or Linux
• VM extensions
• Open PaaS platform
• Ease of Management
• Focus on target instance count
• Updateable

VM Scale Sets in ARM

[Diagram: a Resource Group holding a VNET with a Subnet, scalable storage, scalable NICs and a Scale Set of VMs with Extensions]

Manage groups of identical VMs

Virtual machine scale sets are an Azure Compute resource you can use to deploy and manage a set of identical VMs. With all VMs configured the same, VM scale sets are designed to support true auto-scale (no pre-provisioning of VMs is required) and as such make it easier to build large-scale services targeting big compute, big data, and containerized workloads.

VM scale sets
• For custom images you can only have a single storage account and are hence limited to 20 VMs in a scale set (or 40 if you set the overprovision property to "false"). This will be increased in the future.
• Maximum number of platform image VMs in a scale set is 100. This will be increased in the future.

Sample:
https://github.com/Azure/azure-quickstart-templates
https://github.com/gbowerman/azure-myriad

https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-overview
https://azure.microsoft.com/nl-nl/documentation/articles/virtual-machine-scale-sets-deploy-app/

Azure appservices

SQL elastic pool

https://docs.microsoft.com/nl-nl/azure/sql-database/sql-database-elastic-pool

Turning vms on/off

[Figure: "On and Off" compute usage over time, with the inactivity period marked]

Turning VMs off
- Auto shutdown new in Azure
- Automated using azure automation
- On demand

Impact on cost

744 = 31 (days) X 24 (hour)

496 = 31 (days) X 16 (hour)

Saving € 309,52 per month

Pricing calculator 9 jan 2017

Auto-shutdown

On demand turn on/off via PowerShell

# Sign in and select the subscription to work in
Login-AzureRmAccount
Get-AzureRmSubscription | sort SubscriptionName
$subscrName = "subscription name"
Select-AzureRmSubscription -SubscriptionName $subscrName

$ResourceGroup = "TP5"
# Return virtual machines only; without the type filter every resource in the group comes back
$VMs = Find-AzureRmResource -ResourceGroupNameContains $ResourceGroup -ResourceType "Microsoft.Compute/virtualMachines"

foreach ($VM in $VMs)
{
    # -ResourceGroupNameContains is a substring match, so use each VM's own resource group
    $VMStatus = Get-AzureRmVM -ResourceGroupName $VM.ResourceGroupName -Name $VM.Name -Status |
        select -ExpandProperty Statuses | ?{ $_.Code -match "PowerState" } | select -ExpandProperty DisplayStatus

    Write-Output "Status of $($VM.Name) is ""$VMStatus"""

    if ($VMStatus -eq "VM Running")
    {
        # -Force suppresses the confirmation prompt
        Stop-AzureRmVM -ResourceGroupName $VM.ResourceGroupName -Name $VM.Name -Force
    }
}

Change size

Change size vm via portal

Caveats: multiple NICs per VM

The VM size determines the number of NICs that you can create for a VM! Configure only via PowerShell, CLI or Template!

Caveats: number of disks attached to a VM

https://azure.microsoft.com/nl-nl/documentation/articles/virtual-machines-linux-sizes/

automation

Azure Resource Manager

Benefits

• Desired-state deployment

• Faster deployment

• Role-based access control (RBAC)

• Resource-provider model

• Orchestration

• Resource configuration

[Diagram: SQL - A, Website with [SQL CONFIG], Cache and VM (2x), with two "DEPENDS ON SQL" links]

Consistent Management Layer

Azure Resource Manager

[Diagram: Azure Resource Manager in front of resource providers (Website, VM, SQL DB, …), with a provider contract between them]

https://management.azure.com/subscriptions/{{subscriptionId}}/providers?api-version={{apiVersion}}

Tools

?

REST API

Resource Manager: Building a VM

[Diagram: Resource Group containing VNET, Subnet, NIC, Public IP, Storage and VM]

storageAccount
- accountType

publicIPAddress
- allocationMethod
- domainNameLabel

virtualNetwork
- addressSpace
- Subnet
  - addressPrefix

networkInterface
- privateIPAllocationMethod

virtualMachine
- hardwareProfile
- osProfile
- storageProfile
- networkProfile

Github

https://github.com/Azure/azure-quickstart-templates

• ARM Quick Start Templates
  • https://azure.Microsoft.com/en-us/documentation/templates
  • https://github.com/Azure/azure-quick-start-templates
• ARM Schemas
  • https://github.com/Azure/azure-resource-manager-schemas/tree/master/schemas
• ARM Best Practices
  • https://azure.microsoft.com/en-us/documentation/articles/best-practices-resource-manager-design-templates/
  • https://docs.microsoft.com/nl-nl/azure/best-practices-resource-manager-state
• ARM Visualizer
  • http://armviz.io
• VS Code Extensions
  • https://github.com/Azure/azure-xplat-arm-tooling
• Getting Started guide
  • http://download.microsoft.com/download/E/A/4/EA4017B5-F2ED-449A-897E-BD92E42479CE/Getting_Started_With_Azure_Resource_Manager_white_paper_EN_US.pdf

ARM Resources

Azure automation

More info

Learning path
https://azure.microsoft.com/nl-nl/documentation/learning-paths/automation/

Automation Blog
https://azure.microsoft.com/nl-nl/blog/tag/azure-automation/

https://azure.microsoft.com/en-us/documentation/articles/automation-first-runbook-graphical/

Virtual Machine Extensions
• Inject code and configuration into VMs
• Configuration
  • PowerShell, DSC, Chef, Puppet
• Management
  • Anti-virus, Backup, Patching, …
• Security
  • Disk encryption, …

VM Agent

Runtime & Extension API

Backup Extension

Monitoring Extension

VM Code & Configuration

https://azure.microsoft.com/en-gb/documentation/articles/virtual-machines-windows-extensions-features/

Freedom of choice

Microsoft Azure is an Open Cloud

Dozens of .NET & PHP CMS and Web applications

Bring your own

Via HTML/JS, cross-platform and native

Ecosystem Provided

Languages, Dev Tools & App Containers

CMS & Apps

Devices

Databases

Management

MS Integrated

Operating systems

Ubuntu, SUSE, OpenSUSE, OpenLogic CentOS-based, Oracle Linux, CoreOS

Bring your own

libcloud, jclouds

DocDB, DataStax

marketplace

https://azure.microsoft.com/en-us/marketplace/?source=datamarket

Infrastructure Services

Software for the entire cloud platform

Datacenter Infrastructure (24 Regions, 22 Online)

Compute Storage Networking

Platform Services

Security & Management

Web and Mobile

Media & CDN

Analytics & IoT

Integration

Hybrid Operations

Data

Compute Developer Services

Products

Virtual machine images

Multi-VM solutions Machine Learning services

Data services APIs

https://azure.microsoft.com/en-us/documentation/articles/marketplace-publishing-getting-started/

Build to fail

Azure availability set

Fault Domains
• Represent groups of resources anticipated to fail together, i.e. same rack, same server
• Fabric spreads instances across min 2 fault domains

Update Domains
• Groups of resources that will be updated together
• Host OS updates honour service update domains
• Specified in service definition
• Default of 5 (up to 20)

Availability Sets
• VMs in separate Fault Domains
• SLA 99.95 | HW SW | Windows & Linux
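The fault-domain and update-domain rules above can be turned into a capacity check. The Python model below is an added example, not part of the original slides; it assumes VMs are placed round-robin (VM i in fault domain i mod FDs and update domain i mod UDs), and all function names are illustrative.

```python
from itertools import product


def place(vm_count, fault_domains=2, update_domains=5):
    """Assumed model: VM i lands in fault domain i % FDs and update domain i % UDs."""
    if fault_domains < 2 or not 1 <= update_domains <= 20:
        raise ValueError("need at least 2 fault domains and 1..20 update domains")
    return [(i % fault_domains, i % update_domains) for i in range(vm_count)]


def surviving(placement, failed_fd=None, updating_ud=None):
    """Count VMs untouched by a fault-domain failure and/or an update-domain reboot."""
    return sum(1 for fd, ud in placement if fd != failed_fd and ud != updating_ud)


def worst_case(vm_count, fault_domains=2, update_domains=5):
    """Worst-case survivors as (one FD fails, one UD updates, both at the same time)."""
    p = place(vm_count, fault_domains, update_domains)
    fds, uds = range(fault_domains), range(update_domains)
    return (
        min(surviving(p, failed_fd=f) for f in fds),
        min(surviving(p, updating_ud=u) for u in uds),
        min(surviving(p, f, u) for f, u in product(fds, uds)),
    )


def min_vms_for(required, fault_domains=2, update_domains=5, limit=200):
    """Smallest VM count keeping `required` VMs up when an FD failure overlaps an update."""
    for n in range(1, limit + 1):
        if worst_case(n, fault_domains, update_domains)[2] >= required:
            return n
    raise ValueError("no VM count up to limit meets the requirement")


if __name__ == "__main__":
    for n in (1, 2, 3, 6):
        print(n, "VMs ->", worst_case(n))
    print("VMs needed to keep 2 serving:", min_vms_for(2))
```

Under this model a single VM has no protection, two VMs survive either event alone but not both at once, and six VMs are needed to keep two serving when a rack failure coincides with a host update.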

Redeploy

Build in security

Microsoft protecting you

[Diagram: Intelligent Security Graph, with the labels Apps and Data, SaaS, PaaS, IaaS, Device, Infrastructure, Identity, Malware Protection Center, Cyber Hunting Teams, Security Response Center, Active Protection Service, SmartScreen, Office 365 Advanced Threat Protection, Windows Update, CERTs, Cloud App Security, Rights Management, Key Vault, Conditional Access, Security Center, Event Management, Cyber Defense Operations Center, Advanced Threat Analytics, Digital Crimes Unit, Antivirus Network, Industry Partners]

https://blogs.msdn.microsoft.com/azuresecurity/2015/09/29/secure-the-cloud-with-azure-security-center/
https://azure.microsoft.com/en-us/services/security-center/

The Azure Security Center is your one-stop-shop for security in the Azure environment. It is a single dashboard that provides visibility into the security status of your Azure resources and control of those resources. It helps you protect your Azure environment, detect attacks, and respond to them.

Cloud principles
• Freedom of choice
• Marketplaces
• Cloud Inspired Infrastructure
• Multi Vendor
• Hybrid
• Hyper scale
• Self-service
• Build in and on top of Security
• Build in Compliancy
• Automation
• Continuous Change
• Shared
• Software defined
• Scalable
• Pay per Use
• Build to fail
• Multi Vendor
• Lock in Reduction
• Open- and closed source
• Build in Security

appendix

High availability checklist
• Use Traffic Manager
• Avoid single VMs
• Use load balancers in front of web-facing VMs
• Put your stateless servers in Availability Sets
• Use VMSS for your stateless server scaling
• Use Premium Storage for your production VMs
• Use internal load balancers (or queues) between tiers
• Distribute your database
• Use caches
• Contact support before a high scale event
• Store static assets in Blob Storage
• Use a CDN in front of your static assets
