Microsoft Virtual Academy
M6: Application Management
Symon Perriman, Technical Evangelist
Matt McSpirit, Technical Product Manager
Introduction to Hyper-V Jump Start
Part 1 | Windows Server 2012 Hyper-V & VMware vSphere 5.1
(01) Introduction & Scalability
(02) Storage & Resource Management
(03) Security, Multi-tenancy & Flexibility
(04) High-Availability & Resiliency
Part 2 | System Center 2012 SP1 & VMware’s Private Cloud
(05) Introduction & Overview of System Center 2012
(06) Application Management
(07) Cross-Platform Management
(08) Foundation, Hybrid Clouds & Costs
** MEAL BREAK **
• Constructing, Delivering & Consuming Apps
• Maintaining, Managing & Monitoring Apps
• Protection of Key Applications & Workloads
Module Agenda
Constructing, Delivering & Consuming Apps
Application Management
Standardized VM Templates
Roles & Features
Application Layers
VM Templates 2.0: Service Templates
Construction, Delivery & Consumption
Compute Storage Network
Web (IIS) App (App-V) Data (SQL)
Web tier
Scale out and health policy
Internet Information Services (IIS)
HW profile
OS profile
App profile
Application tier
Scale out and health policy
Application server
HW profile
OS profile
App profile
Data tier
Scale out and health policy
SQL Server
HW profile
OS profile
App profile
Service template (multi-tier .NET applications)
Standardize application deployment
Service template (multi-tier .NET applications)
Anatomy of a service template
Web tier
Scale out and health policy
Internet Information Services (IIS)
HW profile
OS profile
App profile
Application tier
Scale out and health policy
Application server
HW profile
OS profile
App profile
Data tier
Scale out and health policy
SQL Server
HW profile
OS profile
SQL profile
OS settings MS deploy package
Configuration
W2K8R2.VHD
SQL DAC Configuration
Configuration App-V
Service template library
Deployment
Consistent configurations
Named instances
Product key injection for individualized installations
Configuration
Media sources
Administrators and security mode
Network configuration
SQL configuration file support
Connections
Data-tier application packages capture connections
Instance definition
Authentication mode
Upgrade and migration behavior
Service accounts
Define accounts per profile
SQL service, agent, and reporting services accounts
Define via run as accounts
SQL profiles for automated SQL deployment
Create application packages from installers or installation procedures using Server App-V
Deploy and configure applications in a reliable and repeatable way through application profiles and service templates
Easily update applications that have previously been deployed through self-service application management
Update the underlying operating system without losing deployed application state through application abstraction
Sequence Consistency
Update Available
Delivering consistent applications with Server App-V
Virtualized Windows Services are registered with the Service Control Manager
Web applications that run on top of IIS 6, 7, 7.5, 8.0
All types of user accounts are supported (LocalSystem, network service, domain accounts)
Registry settings
COM
Java apps
.NET components
State-persisted information stored on the local disk
Application binaries
COM+ and DCOM
Text-based configurations
WMI providers
SSRS
Local users and groups
Components Hosts Resources
Virtualizing applications with Server App-V
Create service template with service designer
Use the ribbon for contextual actions within the service template designer
Use the designer canvas to build your service template from virtual machine templates, logical networks, and load balancers
Set service-related properties, such as cost center, description, release version
Preview pane shows view of your service deployment
Settings allow you to set deployment specific variables
Ribbon bar for deploy activity or to check deployment ratings
Deploy service through deployment preview
Perform operations at the service level, tier level, or individual VM level
View specific service, tier, or application settings
View deployed service
Deployed service viewed as distributed application in Operations Manager and business service in Service Manager
Monitored at the tier level
Viewed at the virtual machine level
Automatically pushed throughout System Center for monitoring and CMDB accuracy
Application Management
Standardized VM Templates
Roles & Features
Application Layers
VM Templates 2.0: Service Templates
Deployment into clouds
Construction, Delivery & Consumption
Development Production
Datacenter one Datacenter two
Constructing the private cloud
Logical and standardized
Diverse infrastructure
Cloud abstraction
Development
Production
Logically group your resources into clouds
Create clouds, tenants, and VM Networks
View deployed services and VMs
Overprovision across cloud resources
Connect to physical infrastructure components
Aggregate capacity of underlying resources
Choose your logical network abstractions
Choose the types of storage available
Control amount of cloud resources
Place limits around physical resources consumed by cloud
Dynamically adjust resource limits as needs change
Control the types of VMs for self-service users
Set constraints and limits around VMs with capability profiles
Attach to clouds to control usage
Application Management
Standardized VM Templates
Roles & Features
Application Layers
VM Templates 2.0: Service Templates
Deployment into clouds
Role-based Self Service
Controlled Consumption
Construction, Delivery & Consumption
Role-based access
VMM Administrator / Fabric Administrator
• Scope: Entire system
• Can take any action
Delegated administrator / Fabric Administrator
• Scope: Host groups and clouds
• Configure fabric (hosts, networking and storage)
• Create cloud on fabric
• Assign cloud
Tenant administrator / Tenant
• Scope: Clouds only
• Author VM Networks
• Assign cloud
• Create Tenant Roles
• All other SSU settings
Self-service user / Application Owner
• Scope: Clouds only
• Author templates
• Deploy/manage VMs and Services
• Share resources
• Revocable actions
• Quota as a shared and per-user limit
Read only administrator / Help Desk
• Scope: Host groups and clouds, No actions
Assign actions to user roles
Create custom roles
Choose actions and change actions dynamically as needed
Uses Active Directory users and groups
Provider-published and user-initiated
Expresses IT requests in business language
Consistent delivery of service each time, every time
Enables consumer to choose what level of service and cost they want
Controlled empowerment
Work item used to identify and classify standard IT services
Contains one or more request offerings
Consistent delivery of service-related details including
• Knowledge articles
• Service level agreement information
• Cost and chargeback-related information
Service offering
Private cloud offerings
Enterprise LOB app offerings
VDI offerings
Development offerings
User sees offerings based on their role
Dynamic: User role mapped to a Service Manager group within Active Directory
Provide access at the service offering level or at the individual-request offering level
Role-based
Easy-to-use portal
Silverlight web parts hosted in SharePoint Foundation 2010 or higher
Customizable out-of-box web parts using SharePoint admin tools
Extensible via custom web parts
Portal features
Customizable, dynamic forms
Simplified portal
Cloud services process management pack
Model extensions
• Project
• Capacity pool
• Cost center
• Logical network
• Placement tag
• VIP template
• …
Service request templates
• 20+ service request templates
• Provision VMs
• Project creation
• Capacity management
Automated work item activity templates
Service catalog content
• 20+ request offerings
• Subscribe resources
• Register a tenant
• Request service
Based on service request templates
Runbooks / workflows
New Runbooks for Orchestrator and workflows for Service Manager to automate request offering fulfillment
Cloud Service Process Pack is included with System Center and integrates with Service Manager in SP1
Take advantage of standardized templates
Quota enforcement with clear guidance on utilization
Private and public cloud services plus virtual machines
Job auditing and task progress
Change history
Role-based access to content
Create, manage, and move resources between repositories
Single management point
Delegation with control
Empowering application owners
Enabling application self-service
Microsoft | VMware Comparison
Application Construction, Delivery & Consumption
Capability                                   Microsoft   VMware
Request Private Cloud Resources              Yes         Yes (1)
Role-Based Self-Service                      Yes         Yes
Standardized Templates                       Yes         Yes (2)
Template Granularity: Roles / Features       Yes         No
Template Granularity: Application Layer      Yes         Yes (3)
Service/Multi-Tier Templates                 Yes         Yes (3)
Deployment Across Heterogeneous Clouds       Yes         Yes (4)
1. vCloud Automation Center allows for the requesting of private cloud resources but lacks a true CMDB capability in box.
2. Each VMware VM template will have its own VMDK, even if the template varies only slightly in its configuration options.
3. No alternatives to Server Application Virtualization (App-V) thus relies on regular installation methods or inflexible scripts.
4. vCloud Automation Center allows deployment onto non-VMware infrastructure at a cost of $400 per managed machine + S&S; however, once deployed, it could not be managed from vCloud Director along with other VMware-based VMs.
VMware Information: http://www.vmware.com/products/datacenter-virtualization/vcloud-automation-center/features.html, http://www.vmware.com/files/pdf/management/vmw-vcloud-automation-center-faq.pdf
Maintaining, Managing & Monitoring Apps
Application Management
Centralized Maintenance
Maintenance, Management & Monitoring
Simplifying application maintenance
Template-driven
Provide a single source of truth for service deployments
Use Upgrade Domains to limit disruption of service during updates
In-place updates
Change application or template settings without replacing OS image
Change memory, update application package
Image-based updates
Replace old OS image with new OS image
Reinstall the application and restore the state
Compute Storage Network
Web App Data
In-place updates
V1.0 V1.5
1. Choose service template from library
2. Deploy an instance of the service
3. Copy the service template, update version number, and update application or configuration
4. Publish the template and set the deployed service to the new template
5. Apply the update while maintaining availability of the service through the use of Upgrade Domains
Template library
Service template V1.0
Service template V1.5
Pending service update
Compute Storage Network
Web App Data
Image-based updates
V1.0 V1.5
1. Choose service template from library
2. Deploy an instance of the service
3. Copy the service template, update version number, and update virtual disk or application
4. Publish the template and set the service to the new template
5. Apply the update while maintaining availability of the service by replacing the virtual hard disk and redeploying the application using Upgrade Domains
Template library
Pending service update
Service template V1.0
Service template V1.5
Your private cloud infrastructure components up-to-date
Baseline
Create baseline by logically grouping updates to assess compliance
Assign baseline to host groups to assess compliance
Scan
Check server compliance for assigned baseline
Use Windows Update Agent for applicability and compliance
Scan on demand or automated with PowerShell
Remediate
Make server compliant by installing missing updates
Track progress in Virtual Machine Manager console
Allow on-demand remediation, or automate using PowerShell
Enable feature
Manage baselines
Scan servers
Remediate servers
Manage exemptions
More compliant and up-to-date
Works with existing update server
No down time with live migration
VMM server Updated server
Virtual hosts
Updates
Update catalog
Update management
Application Management
Centralized Maintenance
Deep Application Insight
Maintenance, Management & Monitoring
Client-side
End user experiences related to page load times, server and network latency, and client-side scripting exceptions
Server-side
Monitoring the actual code that is executed and delivered by the application
Synthetic
Pre-recorded testing paths through the application that highlight availability, response times, and unexpected responses
The complete application monitoring solution
Use the same tools to monitor with visibility across infrastructure and applications
Infrastructure monitoring
Compute and OS monitoring
Helps achieve infrastructure SLAs
Trends infrastructure usage over time
Allows for broad service coverage with partner management packs
Extensibility through management packs
Microsoft provides knowledge and thresholds for Microsoft products
MPs from most WS 2012 roles
Partners provide expertise for non-Microsoft applications
Organizations author their own management packs
“Knowledge” for resolving alerts
“Best practices” for configuration and alert thresholds
Reporting information
Comprehensive cross platform visibility
Integrate product and company knowledge for proactive tuning
Product knowledge
Defines server and application health-monitoring context
Provides troubleshooting and corrective actions
Integrates automatic discovery and deployment
Company knowledge
Provides company-specific information for operators
Explains document overrides implemented for a monitor or rule
Stores information in custom management packs
View entire application health
Holistically monitor IT-service health of distributed applications
Drill down into the application to determine where the problems reside
Allow quick discovery and alignment of infrastructure health to application performance
Out-of-the-box network monitoring
Discovery
Multi-vendor support and protocol support
SNMPv1/v2c/v3 and IPv4 and IPv6
Monitoring
Port and interface
Peripheral components (CPU, RAM)
Reporting
Memory utilization, processor utilization, port traffic volume, port error analysis, and port packet analysis
Visualization
Network summary view
Network node view
Network vicinity view
Consolidated view of network performance
View dashboard summary
Identify underperforming nodes
Examine detailed content
Correlation between VMs and network devices
Network map vicinity view
VM-to-network relationship
Examine detailed content
Storage Monitoring
Alerts from Thin provisioning
Dashboards to show historical usage
Map VMs to usage
Discovery of SAS arrays
Multi-vendor support (NetApp, EMC, HP, Dell EQL, LSI)
Application Management
Centralized Maintenance
Deep Application Insight
Connecting DevOps
Maintenance, Management & Monitoring
Open up the conversation
Application performance monitoring pinpoints exactly where the issue is, reducing the mean time to resolution
Server-side monitoring shows the application is functioning
“My application is running slowly!”
“The code passed all testing.”
“The network looks good.”
“The servers are running fine.”
Client-side, however, shows there is a problem.
Rich visualization
Code execution-level information
Page load times and where the time was spent (such as images, and CSS)
JavaScript exceptions
Data is collected by injecting custom JavaScript on the page
Collect data from the .NET calls
Application methods
Variables and parameters
Types of calls being made, web methods, internal execution, SQL commands
Client-side Server-side
Deep insight into application performance
Responding to application performance issues
Expected user experience
End user experience impact
Automated remediation
Knowledge capture
Developers
Network
Infrastructure
Alert is forwarded to Service Manager and incident is raised
Resolve issue and close alert
Operations Manager Application Advisor provides rich reporting and trending information about the application's performance
Gain quick visibility into the top issues and application components that are impacting the end user experience
Easily see where to focus resources
Understand the relationships between application components
Reporting and trending analysis
Application Management
Centralized Maintenance
Deep Application Insight
Connecting DevOps
Service Delivery Automation
Maintenance, Management & Monitoring
Automation concepts
Activities
Intelligent tasks that perform defined actions
Runbooks
System-level workflows that execute a series of linked activities
Databus
Used to publish and consume information as a Runbook executes
Standard activities
A rich set of out-of-box activities
Get server ID from DPM
Get data sources
Create recovery point
Create incident
Create checkpoint
Start maint mode
Shut down VM
E-mail on error
Update on success
Invoke web services
Compare values
Query database
Send e-mail
Run .NET script
Return data
Check schedule
Building automation: Runbook designer
Easy authoring and debugging
Drag and drop, Visio-like authoring, nested Runbooks, built-in features like looping and branching
Databus
Abstracts developer-level complexity from the Runbook author and enables hub-and-spoke integration model
20+ integration packs (IPs) for System Center, Microsoft, and third-party management tools
Building automation: Runbook designer
Standard activities to support delivery of private cloud offerings
• Run system commands
• Perform schedule-based activities
• Monitor processes or system-level alerts
• Manage file interactions such as copying and moving files
• Send e-mail notifications
• Support other notification types
• Search for or modify data within a workflow
• Manipulate text files
• Manage workflows
Building automation: Runbook designer
Microsoft Runbook Integration Packs
System Center 2007 Operations Manager
System Center 2007 Configuration Manager
System Center 2010 Service Manager
System Center 2008 Virtual Machine Manager
System Center 2010 Data Protection Manager
System Center 2012 Operations Manager
System Center 2012 Configuration Manager
System Center 2012 Service Manager
System Center 2012 Virtual Machine Manager
System Center 2012 Data Protection Manager
Active Directory
Building your own automation
Build and distribute your own integrations
Use the Quick Integration Kit (OIT)
Command-Line Interface (CLI)
Wizard-based GUI
Wraps command, program, SSH, and PowerShell executions into activities
Building your own automation
Build and distribute your own integrations
Take advantage of the OIT software development kit
No wizard, no GUI
Use .NET or Java IDEs to compile DLL or JAR resource files
Building your own automation
External interface to System Center
Standards-based
RESTful web interface
Uses OData (Open Data Protocol)
Take advantage of existing investments in PowerShell, .NET scripting, and third-party APIs, and build them into Orchestrator Runbooks
Virtual Machine Manager: Service templates, Virtual machine templates, Storage classifications, Logical networks, Load balancers, Load balancer VIP templates
Operations Manager: Servers, Clients, Hardware, Websites, Databases, Web services, Virtual machines, Hosts, Exchange servers, Domains, Sites, And much more…
Configuration Manager: Computers, Hardware, Software, Computer primary user, Desired configuration management
Active Directory: Users, Groups, Computers, Printers, User manages user
Orchestrator: Runbooks
Author workflows to sync data from Line-of-Business applications (LOB) or other third-party management systems
Other options: CSV data import, Custom connector using SDK, PowerShell
Import Runbooks and CI data
Service Manager
Operations Manager
Configuration Manager
Active Directory
Virtual Machine Manager
Microsoft Exchange (Admin + User)
Third-party management tools
Orchestrator
Integration across the infrastructure
Operations Manager
Configuration Manager
Active Directory
Virtual Machine Manager
Microsoft Exchange (Admin + User)
Third-party Management Tools
Orchestrator
Service Manager
Notifications via Exchange
Service Manager Data Warehouse
Inbound to System Center
Bi-directional from Orchestrator
Bi-directional for notifications/reporting
Bi-directional Runbook integration
Bi-directional connector for automation activities and executing automation workflows
Configuration items and automation data populated into CMDB
Automation commands issued to System Center, third-party tools, Microsoft Exchange and Azure
Inbound and outbound notifications and Business Intelligence
BI through Reporting and Dashboards
Azure Cloud Management
Application Management
Centralized Maintenance
Deep Application Insight
Connecting DevOps
Service Delivery Automation
Extends beyond the private cloud
Maintenance, Management & Monitoring
Service templates: Hyper-V, VMware, XenServer
Package and configuration
Private cloud
Managing applications across multiple clouds
Application management across private and public
Deploy Manage Monitor
And Service Providers
On-premise operations manager
Windows Azure application
Performance data, events, logs
Read app roles and structure
Read operational data and grooming
Windows Azure Service API
Table storage Web role
Worker role
Performance data, events, logs
Windows Azure
Our premise
Monitoring applications on Windows Azure
Operations Manager console diagram view
360° .NET application monitoring
Displays information from Global Service Monitor, .NET Application Performance Monitoring, Web Application Availability Monitoring
Summary of health and key metrics for 3-tier applications in a single view.
Operations Manager
Web Test
Predictable application SLA: Global Service Monitor
Production Application
Microsoft Visual
Studio 2012
Work item + Results
Results
Results
Call Web App
Web Test + Schedule
On-premises
Global Service Monitor
Global Service Monitor
Points of Presence
Test Status
Response Times
Alerts
Microsoft | VMware Comparison
Application Maintenance, Management & Monitoring
Capability                                   Microsoft   VMware
Centralized Patching & Maintenance           Yes         Yes
Non-Virtualized Infrastructure Management    Yes         Yes (1)
Integrated Service Management                Yes         Lacks CMDB (2)
Heterogeneous Automation                     Yes         VMware Centric (3)
Deep Application Insight                     Yes         Yes (4)
Integrated Dev-Ops                           Yes         No (5)
1. Would require purchases outside of the vCloud Suite including vCloud Automation Center, vFabric Hyperic, vCenter Operations Management Suite Enterprise Edition
2. vCloud Automation Center enables application owners or administrators to request infrastructure but vCAC lacks any form of true CMDB for complete ITIL/MOF IT Service Management
3. VMware's vCenter Orchestrator has a limited set of plug-ins, of which the vast majority are VMware centric. No mention of plug-ins for other enterprise management systems and tools such as those from HP, IBM, BMC etc.
4. Remediation limited to VMware best practices thus lacking in application-specific remediation guidance
5. Lab Manager deprecated, with customers expected to upgrade to vCloud Director, which has no connections with Development IDE.
VMware Information: http://www.vmware.com/products/datacenter-virtualization/vcloud-suite/compare.html, http://www.vmware.com/products/datacenter-virtualization/vcloud-automation-center/overview.html, http://www.vmware.com/products/datacenter-virtualization/vcloud-automation-center/buy.html, http://www.vmware.com/products/application-platform/vfabric-hyperic/buy.html, https://solutionexchange.vmware.com/store/categories/21/view_all, http://www.vmware.com/products/labmanager/overview.html
Protection of Key Applications & Workloads
Application Management – Protection of Key Applications & Workloads
Data protection manager disaster recovery (with offsite replication and tape)
Tape-based backup
Disk-based recovery
Up to every 15 minutes
Windows Azure Backup
Active Directory
Hyper-V
File Services
Windows Client
System Center Operations Manager
System Center Data Protection Manager
DPM Hyper-V with CSV 2.0 Protection
• Efficient express full backups
• No more owner node & non-owner node performance penalty
• Parallel backups
• 900% backup performance improvement
• Live Migration: Uninterrupted Data Protection
How does it work?
• DPM tracks changes on VM as they happen using DPM filter driver
• All changes are noted in a bitmap
• < 0.5% CPU penalty
• @ Backup, create snapshot, read and transfer changed content to DPM
VM Live Migration – Uninterrupted Protection
• Windows Server 2012 supports Live Migration anywhere
• Inter and Intra Cluster
• Stand alone to Stand alone
• Cluster to Stand alone and vice versa
• Uninterrupted data protection by DPM
• Original Location Recovery
• Recovers VM to the current host where it is running
How does it work?
• DPM interacts with VMM to find VM's new host
• Initiates the backup job on new host if need be
• DPM Machine$ is an admin on VMM Server
• Install VMM Console on DPM Server
VM Scale and Performance improvements
• DPM can protect up to 800 VMs of 100GB each
• Support any size clusters with multiple DPM Servers
• Express Full Backup
• Page File Exclusion
Page File Exclusion
• Backup storage savings for VM protection
• Protects VM without Page File
• Move Page File to a separate VHD (like Scratch VHD)
• Specify the Page File name to DPM Server
• DPM backs up the Page File VHD as part of IR but not as part of DR
DPM Scale Out
• Protect any size clusters
• Multiple DPM Servers protect same cluster
• A 64 node cluster with 4,000 VMs can be protected by 5 DPM Servers
DPM Backup To Azure
• Ability to back up to Azure
• Well integrated into current workflows
• New Online Service
How does it work?
• Customer subscribes to Online Service
• Deploys DPM-A bits on DPM Server
• Registers DPM to Online Service
• Create new or modify protection group
Microsoft | VMware Comparison
Protection of Key Applications & Workloads
Capability                                   Microsoft   VMware
Granular Workload Protection                 Yes         No (1)
Physical & Virtual Protection                Yes         No (1)
3rd Party Integration                        Yes         No (2)
Centralized Role-Based Management            Yes         Yes (3)
Tape Backup                                  Yes         No (4)
Integrated Disaster Recovery                 Yes         Yes
1. VMware Data Protection offers no protection for the workloads within the virtual machine, simply focusing on the VM itself as the protection unit and offers no protection of physical machines
2. VMware Data Protection is not extensible by 3rd parties
3. VMware Data Protection is capped at 10 appliances per vCenter with a maximum storage of 2TB/100 VMs per appliance.
4. VMware Data Protection offers no protection to tape media. Disk only
VMware Information: http://www.vmware.com/files/pdf/techpaper/Introduction-to-Data-Protection.pdf, http://pubs.vmware.com/vsphere-51/topic/com.vmware.ICbase/PDF/vmware-data-protection-administration-guide-51.pdf
©2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Office, Azure, System Center, Dynamics and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.