Live from a one day Azure Camp for IT
Cloud OS area
New usage trends:
- social network (Twitter, Facebook, LinkedIn…)
- data volume is increasing
- 80% are unstructured data
- number of connected devices is increasing
- 7 M people for 6 M SIM cards >>> more connected devices than people
Windows Server 2012 is the first ‘On Premises’ cloud OS that integrates with Windows Azure, meaning you can move your virtual machines from On Premises to the online service and vice versa
Windows Azure is composed of 8 datacenters across the world (4 in the US, 2 in Europe and 2 in Asia)
Windows Azure offers:
- web apps (web sites)
- cloud apps (cloud services)
- existing apps (virtual machines)
Windows Azure: network, load balancing and CDN
Windows Azure Connect
Simple network connectivity to implement and administer
Less scalable (1 to n: developer workstation to n virtual machines)
Windows Azure Virtual Network
Site to site VPN for Enterprise customers
This includes fault tolerance, load balancing and more complex scenarios (n to n)
Consider the Windows Azure datacenter as an extension of your branch office network, i.e. a virtual/cloud branch office connected to your datacenter through a site to site VPN
The network plan must be RFC 1918 compliant, i.e. use private, non-routable IP addresses
Use cases:
- applications running on Azure and consuming data from your On Premises databases
- identity and access management based on your local Active Directory
- monitoring and troubleshooting from On Premises using the System Center product suite
Current Limitations (v1)
- 5 virtual networks
- 5 sites
- 1 virtual network per affinity group
- 1 local site
- 9 DNS servers
- IPv4 only
- No broadcast or multicast
- 1 public IP address
- 1 IP address per site gateway
- No IKEv2 support
- No certificate authentication support
CDN
CDN: Content Delivery Network
Distributed network of Points of Presence (POPs): 24 Azure CDN POPs across the world
Users are routed through the nearest POP to reach the requested content
CDN delivers:
- static content
- pay per use billing
- peak load handling
Windows Azure Virtual Machine
PaaS vs IaaS >> PaaS is more recommended to support peak load
Use IaaS for:
- LOB applications
- Infrastructure services
  - file share, database, identity management…
- Duplicating an existing environment
  - for example to deploy a pre-production environment
- Hybrid deployment
Available OS images
- Windows 2008 R2 to Windows 2012
- Windows 2008 R2 with SQL 2012
- BizTalk 2010 R2
- OpenSuse 12.1
- CentOS 6.2
- Ubuntu 12.0.4
You pay even if your VM is stopped, because it still consumes resources such as storage space. To stop paying, you must remove the virtual machine; you can keep the hard drive it used.
To upload an existing VHD from On Premises to Windows Azure, you must upload it as a page blob, for example through Azure Explorer
The VHD must be fixed size
Virtual disks can be moved between Azure and On Premises
Any data written to Azure disks is replicated 3 times
Virtual Hard Drive Limitations
- System disk: 127 GB
  - Cache default: ReadWrite
  - Available option: ReadOnly
- Data disk: 1 TB, but several disks can be aggregated
  - Cache default: None
  - Available options: ReadOnly or ReadWrite
Cache options are set using PowerShell: Set-AzureOSDisk or Set-AzureDataDisk
For the cache, the Windows Azure Virtual Machine uses temporary (non-persistent) storage
Management and automation
- Group Policy
- Cross-platform scripting (JS)
- System Center
- PowerShell
- REST API
You can use Get-AzurePublishSettingsFile to get an auto-generated configuration file to connect to your Azure subscription using PowerShell (see http://msdn.microsoft.com/en-us/library/windowsazure/jj152882.aspx).
SLA
- 99.95 % with redundancy (4.38 h of downtime per year)
- 99.9 % (8.75 h of downtime per year)
Windows Azure and Active Directory
The Active Directory database and SYSVOL must be located on a data disk
Write caching is not supported with Active Directory (FUA, Forced Unit Access)
Incoming requests are free; outgoing requests are paid
The Active Directory topology with AD on Azure must be managed in the same way as an ‘On Premises’ AD topology with a headquarter and branch offices
It’s recommended to deploy a Global Catalog on Azure to optimize authentication requests (and therefore usage and pricing)
The AD architecture (i.e. trust relationships or replication) has to be defined according to your needs; this is exactly the same problem as On Premises
Azure Virtual Machines use DHCP for IP address assignment, so the AD wizard will warn you, but that’s ok as the IP address lease never expires
The DNS service must be deployed on the domain controller deployed on Azure, as Azure DNS doesn’t support the DNS requirements of AD (SRV records, etc.)
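The PowerShell steps mentioned above (publish settings file, Set-AzureDataDisk host caching) put together for the domain controller case, as an added example that is not part of the session notes; it assumes the 2012-era Windows Azure (service management) PowerShell cmdlets, and the subscription, cloud service, VM name and file path are placeholders.

```powershell
# Added example (not from the Azure Camp session): attach a data disk for AD DS
# with host caching disabled, and verify it before promoting the domain controller.
# Assumes the classic Windows Azure PowerShell module; names below are placeholders.

# 1. Authenticate: download the .publishsettings file once (opens a browser), then import it
Get-AzurePublishSettingsFile
Import-AzurePublishSettingsFile -PublishSettingsFile "C:\azure\MySubscription.publishsettings"
Select-AzureSubscription -SubscriptionName "My Subscription"

$serviceName = "contoso-dc-svc"   # placeholder cloud service name
$vmName      = "DC01"             # placeholder VM that will host NTDS and SYSVOL

# 2. Add a new 20 GB data disk at LUN 0 with HostCaching None: AD relies on FUA,
#    which a ReadWrite cache defeats, so the NTDS database and SYSVOL go on this disk
Get-AzureVM -ServiceName $serviceName -Name $vmName |
    Add-AzureDataDisk -CreateNew -DiskSizeInGB 20 -DiskLabel "ADDS" -LUN 0 -HostCaching None |
    Update-AzureVM

# 3. Verify the effective cache setting; stop here if it is anything but None
$dataDisk = Get-AzureVM -ServiceName $serviceName -Name $vmName | Get-AzureDataDisk -LUN 0
if ($dataDisk.HostCaching -ne "None") {
    throw "Data disk LUN 0 has HostCaching=$($dataDisk.HostCaching); AD DS requires None"
}

# 4. If a disk was attached earlier with the wrong setting, fix it in place
Get-AzureVM -ServiceName $serviceName -Name $vmName |
    Set-AzureDataDisk -LUN 0 -HostCaching None |
    Update-AzureVM
```

The OS disk cache is left at its default and the DC promotion wizard is then pointed at the new data disk volume.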
SharePoint on Azure
You can also take a look at my post from the SharePoint Conference 2012: http://blog.hametbenoit.info/2012/11/14/sharepoint-windows-azure-iaas-deep-dive-for-sharepoint-it-professionals/
3 options:
- On Premises: full control
  - Can be costly
- IaaS, i.e. hosted SharePoint
  - Less control
  - Virtual Machine on Azure
    - Full SharePoint control
    - Simple application
- SaaS, i.e. Office 365
  - Little control
Use SharePoint on Azure for:
- Internet Site: SharePoint for Internet Sites
- Development, test or pre-production platforms
- Hybrid mode
  - for example Business Intelligence or Extranet mode
- Disaster Recovery
What about support? SharePoint 2010 or 2013 (Foundation or Server) can be deployed on Azure, except FAST for SharePoint 2010 (SharePoint 2013 Server is not yet supported but it’s coming soon)
Windows Azure Active Directory (AAD)
This is not AD running on Azure but an identity management and access control solution providing access to cloud services
This allows identity consolidation across cloud applications, whatever identity provider or organization the application uses, and whatever platform or device is used