Azure Camp

Live from a one day Azure Camp for IT

Cloud OS area

New usage trends:

  • social network (Twitter, Facebook, LinkedIn…)
  • data volume is increasing
    • 80% are unstructured data
  • number of connected devices is increasing
    • 7 M people for 6 M SIM cards >>> more connected devices than people

 

Windows Server 2012 is the first ‘On Premises’ cloud OS that integrates with Windows Azure, meaning you can move your virtual machines from On Premises to the online service and vice versa

Windows Azure is composed of 8 datacenters across the world (4 in US, 2 in Europe and 2 in Asia)

Windows Azure offers:

  • web apps (web sites)
  • cloud apps (cloud services)
  • existing apps (virtual machines)

 

 

Windows Azure: network, load balancing and CDN

Windows Azure Connect

Simple network connectivity to implement and administer

Less scalability (1 to n – developer station to n virtual machines)

Windows Azure Virtual Network

Site to site VPN for Enterprise customers

This includes fault tolerance, load balancing and more complex scenarios (n to n)

 

Consider the Windows Azure datacenter as an extension of your branch office network, like a virtual/cloud branch office connected to your datacenter using a site to site VPN

 

The network plan must comply with RFC 1918, i.e. use non-routable (private) IP addresses

Use cases:

  • application running on Azure and consuming data from your On Premises databases
  • identity and access management based on your local Active Directory
  • monitoring and troubleshooting from On Premises using the System Center product suite

 

Current Limitations (v1)

  • 5 virtual networks
  • 5 sites
  • 1 virtual network per affinity group
  • 1 local site
  • 9 DNS servers
  • IPv4 only
  • No broadcast or multicast
  • 1 public IP address
  • 1 IP address per site gateway
  • No IKEv2 support
  • No certificate authentication support
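
A check of an address plan against the RFC 1918 requirement and the countable v1 limits listed above, as an added example (not from the session or from Microsoft). The plan layout, names and prefixes are constructed, the limits are assumed to apply to the plan as a whole, and the overlap check goes beyond what the notes state.

```python
import ipaddress

# RFC 1918 blocks. ip_network.is_private is not used: it also accepts loopback,
# link-local and other special ranges that RFC 1918 does not define.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# v1 limits from the list above, applied to the plan as a whole (assumption).
LIMITS = {"vnets": 5, "sites": 5, "dns": 9}

def check_prefix(label, cidr):
    """Parse one prefix; return (network or None, list of problems)."""
    try:
        net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits set
    except ValueError as exc:
        return None, [f"{label}: invalid prefix {cidr} ({exc})"]
    if net.version != 4:
        return None, [f"{label}: {cidr} is not IPv4 (v1 is IPv4 only)"]
    if not any(net.subnet_of(block) for block in RFC1918):
        return net, [f"{label}: {cidr} is outside RFC 1918"]
    return net, []

def validate_plan(plan):
    """Return every problem found in a plan; an empty list means it passes."""
    problems = [f"{key}: {len(plan[key])} defined, limit is {limit}"
                for key, limit in LIMITS.items() if len(plan[key]) > limit]
    seen = []  # (label, network) pairs already parsed, for overlap checks
    for kind in ("vnets", "sites"):
        for name, prefixes in plan[kind].items():
            for cidr in prefixes:
                label = f"{kind}/{name}"
                net, errors = check_prefix(label, cidr)
                problems += errors
                if net is None:
                    continue
                # Overlapping prefixes cannot be routed across the VPN.
                problems += [f"{label}: {net} overlaps {other} ({where})"
                             for where, other in seen if net.overlaps(other)]
                seen.append((label, net))
    return problems

# Constructed sample plans (names and prefixes are illustrative only).
GOOD_PLAN = {"vnets": {"azure-branch": ["10.8.0.0/16"]},
             "sites": {"hq": ["192.168.10.0/24", "172.16.0.0/20"]},
             "dns": ["10.8.0.4", "192.168.10.10"]}
BAD_PLAN = {"vnets": {"azure-branch": ["172.32.0.0/16"], "azure-v6": ["fd00::/64"]},
            "sites": {"hq": ["192.168.0.0/16"], "lab": ["192.168.10.0/24"]},
            "dns": [f"10.8.0.{i}" for i in range(4, 14)]}

if __name__ == "__main__":
    print("\n".join(validate_plan(BAD_PLAN)))
```

The 172.32.0.0/16 prefix in the failing plan is a common mistake: the RFC 1918 block 172.16.0.0/12 ends at 172.31.255.255.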

 

CDN

CDN: Content Delivery Network

Distributed network built on Points of Presence (POPs): 24 for the Azure CDN across the world

Users connect through the nearest POP to reach the requested content

CDN delivers:

  • static content
  • pay per use
  • peak load

 

 

Windows Azure Virtual Machine

PaaS vs IaaS >> PaaS is the recommended option to support peak load

Use IaaS for

  • LOB application
  • Infrastructure services
    • file share, database, identity management…
  • Duplicate existing environment
    • for example to deploy a pre production environment
  • Hybrid deployment

 

Available OS

  • Windows 2008 R2 to Windows 2012
  • Windows 2008 R2 with SQL 2012
  • BizTalk 2010 R2
  • OpenSuse 12.1
  • CentOS 6.2
  • Ubuntu 12.0.4

You have to pay even if your VM is stopped, because you are still consuming some resources, such as storage space. To stop paying, you must remove the virtual machine, but you can keep the hard drive it used.

To upload an existing VHD from On Premises to Windows Azure, you must upload it using the page blob option through Azure Explorer

The VHD must be fixed size

Virtual disks can be moved between Azure and On Premises

Any data written to Azure disks is duplicated 3 times

Virtual Hard Drive Limitations

  • System disk: 127 GB
    • Cache Default: ReadWrite
    • Available option: ReadOnly
  • Data disk: 1 TB but can be aggregated
    • Cache Default: none
    • Available options: ReadOnly or ReadWrite

Options are set using PowerShell – Set-AzureOSDisk or Set-AzureDataDisk

To manage the cache, a Windows Azure Virtual Machine uses temporary storage (not persistent)

 

Management and automation

  • Group Policy
  • Scripting cross platform (JS)
  • System Center
  • PowerShell
  • Rest API

You can use Get-AzurePublishSettingsFile to get an auto generated configuration file to connect to your Azure subscription using PowerShell (see http://msdn.microsoft.com/en-us/library/windowsazure/jj152882.aspx).

 

SLA

  • 99.95 % with redundancy (4.38 h per year)
  • 99.9 % (8.75 h per year)

 

 

Windows Azure and Active Directory

The Active Directory database and SYSVOL must be located on a data virtual drive

Write caching is not supported with Active Directory (FUA – Forced Unit Access)

Incoming requests are free; outgoing requests are paid

An Active Directory topology with AD on Azure must be managed in the same way as an ‘On Premises’ AD topology with headquarters and branch offices

It’s recommended to deploy a Global Catalog on Azure to optimize authentication requests (and so usage and pricing)

The AD architecture (i.e. trust relationships or replication) has to be defined according to your needs; this is exactly the same problem as On Premises

Azure Virtual Machines use DHCP for IP address assignment, so the AD wizard will alert you, but that’s OK as the IP address lease never expires

The DNS service must be deployed on the domain controller deployed on Azure, as Azure DNS doesn’t support the DNS requirements for AD (SRV records…)

 

 

SharePoint on Azure

You can also take a look at my post from the SharePoint Conference 2012 http://blog.hametbenoit.info/2012/11/14/sharepoint-windows-azure-iaas-deep-dive-for-sharepoint-it-professionals/

3 options:

  • On Premises: full control
    • Can be costly
  • IaaS: i.e. hosted SharePoint
    • Less control
    • Virtual Machine on Azure
    • Full SharePoint control
    • Simple application
  • SaaS: i.e. Office 365
    • Little control

 

Use of SharePoint on Azure for:

  • Internet Site: SharePoint for Internet Site
  • Development, test or pre production platforms
  • Hybrid mode
    • for example Business Intelligence or Extranet mode
  • Disaster Recovery

 

What about support? SharePoint 2010 or 2013 can be deployed (Foundation or Server) on Azure, except Fast for SharePoint 2010 (SharePoint 2013 Server is not yet supported but it’s coming soon)

 

 

Windows Azure Active Directory (AAD)

This is not AD running on Azure but an identity management and access control solution to provide access to cloud services

This allows identity consolidation between applications in the cloud, whatever the identity provider or organization used by the application, and whatever the platform or device used
