Talk topic: Cloud Computing and the Architecture and Operations of the Next-Generation IDC

Presentation transcript:

1 Talk topic: Cloud Computing and the Architecture and Operations of the Next-Generation IDC
2012 East China Architects Conference (华东架构师大会). Speaker: 李志霄 (Li Zhixiao)

2 Cloud Fundamentals
- Infrastructure as a Service (IaaS): basic compute and storage resources; on-demand servers. E.g. Amazon EC2, VMware vCloud
- Platform as a Service (PaaS): cloud application infrastructure; on-demand application-hosting environment. E.g. Google AppEngine, Salesforce.com, Windows Azure, Amazon
- Software as a Service (SaaS): cloud applications; on-demand applications. E.g. GMail, Microsoft Office Web Companions

3 Is today's way of deploying IT keeping pace with the times? Consolidating large-scale, scattered computing resources into resources that can be delivered as a service on demand raises the utilization of IT facilities and lowers both cost and the barrier to entry for users.
Today many CIOs and CFOs are still:
- investing in expensive equipment (servers, routers, disks) (CAPEX);
- waiting one to two years for a project implementation cycle;
- bearing the risk of project development and go-live;
- worrying about system maintenance and disaster recovery;
- lacking elasticity: as business demand changes, equipment and bandwidth sit idle (and the investors are furious) or fall short (and the users are furious).
Services based on computing and knowledge will become socialized utilities, like water, electricity and gas.

4 The Benefits of the Cloud
The Cloud is about cheap, on-demand capacity. E.g. Windows Azure = managed for you.
Figure: the stack (Applications, Runtimes, Database, Operating System, Virtualization, Server, Storage, Networking) compared across Standalone Servers, IaaS, PaaS and SaaS, showing how much of it is managed for you in each model.

5 Your options increase with the Cloud
- Store data in the Cloud
- Extend an application to the Cloud
- Move an application to the Cloud
- Create a new Cloud service
- Combine Cloud services to create a new solution

6 Bird's-eye view of the ecosystem: know yourself (Ecosystem)
Figure: access networks (3G/4G LTE, ADSL/WiFi/Femtocell/FTTX, high-speed satellite broadband) connect to data centers / IaaS and to SaaS/PaaS/XaaS, drawn as the "information power plant" and "information power grid", with Connected Devices as the "information appliances"; the TIME cloud industries (Telecom, Media, Entertainment) sit on top.

7 Data centers are also moving with the times toward value-added services (Migration to Value Added Services)
Table: what the provider supplies in each model.
- Colocation Model: Colo, Power; IP BW; the customer owns the server.
- Managed Services Model: Colo, Power; IP BW; Install, test, Monitor, RH; customer server with management.
- Managed Hosting Model: Colo, Power; IP BW, IP VPN; Ops, Mgmt, Monitor; 21V-managed Server, Storage; Consulting.
- Cloud Model (Utility Hosting): Colo, Power; IP BW, IP VPN; Ops, Mgmt, Monitor; 21V-managed Server, Storage; Consulting.

8 Therefore we need to position ourselves early in the cloud computing industry chain and lay out its key links
A Paradigm Shift (思维转换): cloud computing is a set of technologies and business models that turn cheap hardware (COTS) into software, software into services, services into operations, and operations into scale. The cloud computing industry is being reborn out of the traditional IT and Internet industries and is appearing before us in an entirely new form. Today's IT competition is no longer competition between enterprises, nor between products; it has become competition between industry chains (Wintel: 80/20 open/closed; Apple: 99.9/0.1 closed/open).

9 Cloud Services: Most of Today's Cloud IDC vs. True Cloud IDC vs. On Premises
Figure: the stack Applications, Data, Runtime, Middleware, O/S, Virtualization, Servers, Storage, Networking in four columns. On Premises: you manage every layer. Infrastructure (as a Service): the vendor manages Virtualization, Servers, Storage and Networking; you manage Applications, Data, Runtime, Middleware and O/S. Platform (as a Service): you manage only Applications and Data; the vendor manages the rest. Software (as a Service): the vendor manages every layer.

10 Example: Windows Azure Components
- Applications: Windows Azure PaaS applications (Windows Azure Service Model)
- Runtimes: .NET 3.5/4, ASP.NET, PHP
- Operating System: Windows Server 2008/R2-compatible OS
- Virtualization: Windows Azure Hypervisor
- Server: Microsoft blades
- Database: SQL Azure
- Storage: Windows Azure Storage (Blob, Queue, Table)
- Networking: Windows Azure-configured networking

11 What a "Cloud OS" should be:
- Cloud OS = OS for the data center. Model: treat the data center as a machine
- Handles resource management, provisioning, and monitoring
- Manages the application lifecycle; allows developers to concentrate on business logic
- Provides a shared pool of compute, disk and network: virtualized storage, compute and network; the illusion of boundless resources
- Provides common building blocks for distributed applications: reliable queuing, simple structured storage, RDBS storage; application services like access control and connectivity

12 The "Heart and Soul" of the Cloud OS: the Fabric Controller (FC)
- The "kernel" of the cloud operating system: manages datacenter hardware and manages Windows Azure services
- Four main responsibilities: datacenter resource allocation; datacenter resource provisioning; service lifecycle management; service health (fault, performance) management
- Inputs: a description of the hardware and network resources it will control; the service model and binaries for cloud applications
Analogy: Server : Kernel : Process = Datacenter : Fabric Controller : Service. The Windows Kernel runs Word and SQL Server; the Fabric Controller runs Exchange Online and SQL Azure.

13 Windows Azure Fabric Controller I
Figure: on a single server, an App or SQL Server runs on Windows Server, which runs on the Windows Kernel, which runs on Server Hardware; in the cloud, an Azure App or SQL Azure runs on Windows Azure, which runs on the Fabric Controller, which runs the DataCenter.

14 Windows Azure Fabric Controller
Figure: request path Login → Azure Portal → RDFE → Aggregators and Load Balancers → Fabric Controller → Node.

15 Modeling Cloud Applications
A cloud application is typically made up of different components:
- Front end: e.g. load-balanced stateless web servers
- Middle worker tier: e.g. order processing, encoding
- Backend storage: e.g. SQL tables or files
Multiple instances of each for scalability and availability.

16 Global Physical Infrastructure
Figure: the Windows Azure service map. Compute: websites, cloud services, VMs. Data management: SQL database, noSQL database, blob. Networking: connect, virtual network, traffic manager. Higher-level services: CDN, caching, identity & security, business analytics, commerce, media, integration, HPC. Underneath: Global Physical Infrastructure (servers, network, datacenters): automated, elastic, managed resources, usage based.

17 There Are Three Ways to Get Started Using Windows Azure Compute:
- Cloud Services: capture the full benefits of the cloud, scaling up or down quickly. Infrastructure management is all done by Microsoft, so you can focus your resources on building the best app.
- Virtual Machines: instantly run your existing applications and infrastructure in a VHD image. You retain full control to configure and maintain the image. Capture some benefits of the cloud, including load balancing and failover.
- Web Sites: quickly and easily deploy sites to the cloud with support for multiple frameworks and popular open source applications including WordPress, Drupal, Joomla! and Umbraco.

18 Windows Azure Cloud Services
Cloud Services come in two flavors, each a place for your application code to run:
- Web Role: pre-configured with IIS
- Worker Role: for backend, asynchronous code
You package your code and artifacts, and Windows Azure deploys and manages them for you automatically.

19 Windows Azure Virtual Machines
Getting started: select an image and VM size; a new disk is persisted in (blob) storage; boot the VM from the new disk. Management options: the Management Portal, scripting (Windows, Linux and Mac), and the REST API (for service management).

20 REST API
The Windows Azure SDK provides several APIs for programming in the Windows Azure environment. The Windows Azure Service Management API is a REST API for managing your storage accounts and service deployments. It provides programmatic access to much of the functionality available through the Management Portal. All API operations are performed over SSL and mutually authenticated using X.509 v3 certificates. The management service may be accessed from within a service running in Windows Azure, or directly over the Internet from any application that can send an HTTPS request and receive an HTTPS response.
The REST API applies to two kinds of Azure service:
- Storage Accounts: provide access to the Windows Azure Blob, Queue and Table services. You can manage existing storage accounts: list the storage accounts in a subscription, return a storage account's properties, and regenerate keys.
- Hosted Services: deploy Web Roles, Worker Roles and VM Roles in the Azure environment. You can create and delete deployments, return the properties of a hosted service, and upgrade, restart and manage deployed services.

21 REST API (POST, GET, PUT or DELETE)
REST (Representational State Transfer) operations use the HTTP verbs POST, GET, PUT or DELETE against resources such as Blob, Queue, Table and Load Balance. Windows Azure Storage Service example, Create Storage Account:
POST https://management.core.windows.net/<subscription-id>/services/storageservices
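The client side of the mutually authenticated HTTPS call described above, as an added example that is not code from the talk or from Microsoft: it validates the subscription id before building the path, verifies the server certificate and hostname, pins TLS 1.2 as the minimum, and presents the client's X.509 management certificate. The x-ms-version header and its value, and the PEM file holding the certificate and key, are assumptions.

```python
"""Client side of the Service Management API's mutually authenticated HTTPS.

Added example, not code from the talk. Assumptions are marked: the x-ms-version
header value, and that a PEM file holds the management certificate and its key.
"""
import http.client
import re
import ssl
from typing import Optional

MANAGEMENT_HOST = "management.core.windows.net"  # endpoint named on the slide
API_VERSION = "2012-03-01"  # ASSUMPTION: a date value accepted by the x-ms-version header

# A subscription id is a GUID; validating it keeps anything else (e.g. "../")
# out of the URL path that is built from it.
_GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")


def storage_services_path(subscription_id: str) -> str:
    """Path of the Create Storage Account operation shown on the slide."""
    if not _GUID.match(subscription_id):
        raise ValueError("subscription id must be a GUID")
    return f"/{subscription_id}/services/storageservices"


def management_headers(body: bytes) -> dict:
    return {
        "x-ms-version": API_VERSION,  # ASSUMPTION: version header required by the API
        "Content-Type": "application/xml",
        "Content-Length": str(len(body)),
    }


def build_tls_context(client_cert_file: Optional[str] = None,
                      ca_file: Optional[str] = None) -> ssl.SSLContext:
    """Verify the server (CA chain + hostname), require TLS 1.2+, and present
    the management certificate so the server can authenticate us in turn."""
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if client_cert_file is not None:
        ctx.load_cert_chain(client_cert_file)  # PEM with certificate and private key
    return ctx


def tls_context_is_strict(ctx: ssl.SSLContext) -> bool:
    """True when the context refuses unverified servers and old protocol versions."""
    return (ctx.verify_mode == ssl.CERT_REQUIRED and ctx.check_hostname
            and ctx.minimum_version >= ssl.TLSVersion.TLSv1_2)


def create_storage_account(subscription_id: str, body_xml: bytes, client_cert_file: str,
                           ca_file: Optional[str] = None) -> tuple:
    """POST the request body (its XML schema is not on the slide) over mutual TLS.
    Not invoked here: it needs a real subscription and certificate."""
    ctx = build_tls_context(client_cert_file, ca_file)
    if not tls_context_is_strict(ctx):
        raise RuntimeError("refusing to send a management request without server verification")
    conn = http.client.HTTPSConnection(MANAGEMENT_HOST, 443, context=ctx, timeout=30)
    try:
        conn.request("POST", storage_services_path(subscription_id),
                     body=body_xml, headers=management_headers(body_xml))
        resp = conn.getresponse()
        return resp.status, resp.read()
    finally:
        conn.close()
```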

22 Windows Azure Web Sites
Quickly and easily deploy sites to a highly scalable cloud environment with the frameworks and open source apps of your choice using Windows Azure Web Sites.
- Supports multiple frameworks (ASP.NET, Classic ASP, PHP, Node.js)
- Pick from popular open source apps
- Pick your DB (SQL Database, MySQL)
- Choose your tools (Visual Studio, Git (an open-source distributed version control system), FTP, WebMatrix)
- Build on any platform (Windows, Mac, Linux)
Supported deployment protocols: Git, FTP, Web Deploy, TFS Deploy.

23 Application deployment: filename.cspkg + filename.cscfg
Figure: the deployment flow involving the Setting, Load balance & DNS, VHD, XML, GuestOS Agent, Storage (URL), Fabric Controller and HostOS Agent.

24 Build a free website on Windows Azure
If you want to build a low-cost website that still scales well enough to keep up with growth in business and traffic, or you want to quickly put up a free website with the assurance that it will run stably and securely, then the new Websites feature of Microsoft's Windows Azure meets the need. If I were a company that had just started out, or I wanted to build a personal website, I think Websites would without question be the best choice. Windows Azure announced the new Websites feature in this June's IaaS preview release; users can build ten websites on Windows Azure free for 12 months (does that put pressure on some of today's web hosting providers?). The main advantages:
- Fast and convenient: a user can set up a website with a few mouse clicks, skipping the tedious steps of web hosting and domain name registration
- Support for multiple development languages and platforms: Websites supports ASP.NET, classic ASP, PHP and Node.js; Windows, Mac and Linux; and SQL Server, SQL Azure and MySQL databases
- Excellent scalability: a website built on Azure can take full advantage of Azure's scalability; as traffic grows, resources can be added at any time to support it
Original source: 风信网 (ithov.com); keep the original link when reposting: http://www.ithov.com/server/ shtml

25 The Windows Azure Service Model
- A Windows Azure application is called a "service": definition information, configuration information, and at least one "role"
- Roles are like DLLs in the service "process": a collection of code with an entry point that runs in its own virtual machine
- There are currently three role types: Web Role (IIS7 and ASP.NET in a Windows Azure-supplied OS); Worker Role (arbitrary code in a Windows Azure-supplied OS); VM Role (uploaded VHD with a customer-supplied OS)

26 Data Management
Windows Azure offers multiple ways to manage your data in the cloud. SQL Database, formerly known as SQL Azure Database, enables you to rapidly create, scale and extend applications in the cloud using familiar tools and skills. SQL Database also includes features that enable easy migration, export and ongoing synchronization (through SQL Data Sync) of on-premises SQL Server databases with Windows Azure databases. Tables offer manual, key-based access to un-schematized data at a low cost for applications with simple data access needs. Blobs provide inexpensive storage of video, audio and images. Data Management is a set of managed services with a 99.9% monthly SLA.

27 SQL Database: Single Logical Database, Multiple Physical Replicas
- Cloud relational database based on the SQL Server engine
- Use the same tools, data access frameworks and T-SQL based language
- Global datacenters
- High Availability & Redundancy: a single primary and multiple secondaries (Replica 1, 2, 3); reads are completed at the primary; writes are replicated to a quorum of secondaries

28 SQL Data Sync (easier access, security, compliance, DR, etc.)
Scenarios:
- Geo-located web applications: SQL Database in multiple datacenters, used with Windows Azure Traffic Manager
- Hybrid applications: on-premises SQL Server and cloud SQL Database; one-way publish or two-way sharing
- Multiple locations (e.g. branch offices, retail offices): share data between locations and/or aggregate data in the cloud
- Scale-out via multiple copies of data, e.g. separate reporting & OLTP workloads, multiple web sites

29 TDS (Tabular Data Stream) protocol
Figure: two kinds of data sync (SQL Azure Data Sync, Azure Sync) connecting a SQL Azure DB with a reporting DBMS over the TDS (Tabular Data Stream) protocol.

30 Extend your network into the cloud
- Networking: treat your Windows Azure services as if they are on your own corporate network; enables services in Azure (e.g. SQL Database) to use on-premise services (e.g. Active Directory) directly.
- Traffic management: increase the performance and availability of services; redirect the user to the best/closest deployment; redirect traffic to another deployment based on availability; or distribute traffic equally to all cloud services.

31 Windows Azure Networking
Connect: for developers. Designed for developers so it is simple to set up, easy to manage and can be rapidly provisioned; joins Windows Azure roles to on-premise machines.

32 Windows Azure Networking
Virtual Network: for network administrators. Gives network admins the control to set up subnets in the Cloud and manage them as extensions of the on-premise datacenter (on-premise subnets alongside subnets in Windows Azure).

33 Windows Azure Traffic Manager
Load-balance user traffic across cloud services running in the same or different datacenters to build globally available, high-performing apps.
- DNS-based traffic management: the user resolves a CNAME such as foo.trafficmgr.cloudapp.net, and the policy (Performance, Round-robin or Failover) decides which cloud service answers
- Endpoint monitoring of each cloud service
- Improve app performance by serving user requests with the service 'closest' to them
- Improve app availability by automatically failing over when a service goes down
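A small model of the three policies and of endpoint monitoring, as an added example that is not Microsoft's code: which name the CNAME resolves to under each policy, and how a failed probe takes a service out of rotation. Endpoint names, latencies and probe results are constructed sample data.

```python
"""Endpoint selection under Traffic Manager's three policies.

Added example, not Microsoft's code: a small model of how the policy behind a
CNAME such as foo.trafficmgr.cloudapp.net picks the cloud service a client is
sent to, and how endpoint monitoring takes a failed service out of rotation.
Endpoint names, latencies and probe results are constructed sample data.
"""
from dataclasses import dataclass, field
import itertools


@dataclass
class Endpoint:
    name: str             # constructed, e.g. "app-east.cloudapp.net"
    latency_ms: dict      # client region -> measured latency, constructed
    healthy: bool = True  # outcome of the last monitoring probe


@dataclass
class TrafficManager:
    endpoints: list   # for "failover", listed in priority order
    policy: str       # "performance", "round-robin" or "failover"
    _rotation: itertools.cycle = field(init=False, repr=False)

    def __post_init__(self):
        if self.policy not in ("performance", "round-robin", "failover"):
            raise ValueError(f"unknown policy {self.policy!r}")
        self._rotation = itertools.cycle(self.endpoints)

    def probe(self, name: str, healthy: bool) -> None:
        """Endpoint monitoring: record the latest probe result for one service."""
        for ep in self.endpoints:
            if ep.name == name:
                ep.healthy = healthy

    def resolve(self, client_region: str):
        """Name the CNAME should resolve to for this client, or None if every
        endpoint is down (the client gets no answer rather than a dead one)."""
        alive = [ep for ep in self.endpoints if ep.healthy]
        if not alive:
            return None
        if self.policy == "performance":
            # 'closest' = lowest measured latency from the client's region
            return min(alive, key=lambda ep: ep.latency_ms.get(client_region, float("inf"))).name
        if self.policy == "failover":
            return alive[0].name  # highest-priority healthy endpoint
        for ep in self._rotation:  # round-robin: keep rotating, skip unhealthy entries
            if ep.healthy:
                return ep.name
```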

34 Identity & Security
Windows Azure Active Directory is a modern cloud service providing identity management and access control capabilities to cloud applications, whether those are Windows Azure applications, Microsoft Office 365, Dynamics CRM Online, Windows Intune or other 3rd party cloud services. Easily integrate Live ID, Facebook, Yahoo, Google and Active Directory for application single sign-on. Support for industry standards and existing .NET APIs.

35 Windows Azure Active Directory (Identity & Security)
A modern cloud service providing identity management and access control capabilities to cloud applications. (Through its support for standard protocols such as WRAP and SAML, ACS will perform sign-in with any OpenID 2.0 identity provider: Google, Facebook, Yahoo.)
Figure: ACS V2 and Windows Azure Active Directory in the cloud, linked by a Federation Trust to on-premises Active Directory via ADFS 2.0, serving Microsoft apps, your apps and 3rd party apps.

36 Media
Media Services enable content companies and solution providers to build end-to-end media workflows on Windows Azure. Windows Azure Media Services are easy to use, flexible, and provide cost-effective and fully customized solutions that can create, manage, and distribute content for all the devices and platforms you care about. Media Services provide a scalable and reliable infrastructure, allowing you to focus on your core business and the valuable features that differentiate your products.

37 Windows Azure Media Services
Media Services enable content companies and solution providers to build end-to-end media workflows on Windows Azure.
Figure: sources (Broadcasters, Network Operators, Content Owners, Enterprises) feed Windows Azure Media Services (Encoding, Format Conversion, Content Protection, On-Demand Streaming, Live, Analytics), delivered via the Windows Azure CDN or a 3rd party CDN under Rental, Subscription, Purchase or Free models.

38 What a PaaS IDC is: an Application Platform in the Cloud
Provides Platform as a Service:
- Compute: Web, Worker & VM Roles
- Storage: Blob, Table, Queue & RDBS
- Server Application Fabric: Service Bus, Access Control, Cache, Integration

39 Global Physical Infrastructure
Figure: the full Windows Azure service map (compute: websites, cloud services, VMs; data management: SQL database, noSQL database, blob; networking: connect, virtual network, traffic manager; plus CDN, caching, integration, business analytics, identity & security, media, HPC, commerce) on top of the Global Physical Infrastructure: servers, network, datacenters; automated, elastic, managed resources, usage based.

40 Datacenter Architecture
Figure: Datacenter Routers feed Aggregation Routers (Agg) and Load Balancers (LB); each rack hangs off a Top of Rack switch (TOR) with its Nodes and is fed by a Power Distribution Unit (PDU); one rack is marked as a Fault Domain.

41 Hardware & Network Topology

42 High Availability: Fault Domains
- Purpose: avoid single points of failure
- A unit of failure based on data center topology, e.g. the top-of-rack switch on a rack of machines
- Windows Azure considers fault domains when allocating service roles, e.g. don't put all roles in the same rack
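An allocator that applies the rule above, as an added example and not Azure's own Fabric Controller logic: a fault domain is modelled as a rack behind one top-of-rack switch, instances of a role are spread across racks, and a role that could only land in a single rack is refused. Rack names and free-slot counts are constructed.

```python
"""Fault-domain-aware placement of role instances.

Added example, not Azure's allocator. A fault domain is modelled as a rack behind
one top-of-rack switch; rack names and free-slot counts are constructed. The
allocator spreads a role's instances so that losing any single rack never takes
down every instance of that role.
"""
from collections import Counter


def place_instances(role: str, count: int, racks: dict) -> dict:
    """Place `count` instances of `role`. `racks` maps rack name -> free slots
    and is updated in place. Returns {rack: instances placed there}.

    Raises RuntimeError when there is not enough capacity, or when a role with
    two or more instances could only land in a single fault domain."""
    if count < 1:
        raise ValueError("count must be positive")
    usable = {r: free for r, free in racks.items() if free > 0}
    if sum(usable.values()) < count:
        raise RuntimeError(f"{role}: {sum(usable.values())} free slots for {count} instances")
    if count >= 2 and len(usable) < 2:
        raise RuntimeError(f"{role}: all instances would share one fault domain")
    placement = Counter()
    for _ in range(count):
        # fewest instances of this role first; among ties, the rack with the most free slots
        rack = min(usable, key=lambda r: (placement[r], -usable[r]))
        placement[rack] += 1
        usable[rack] -= 1
        racks[rack] -= 1
        if usable[rack] == 0:
            del usable[rack]
    return dict(placement)


def survives_single_rack_loss(placement: dict) -> bool:
    """True if at least one instance remains whichever single rack fails."""
    total = sum(placement.values())
    return all(total - n >= 1 for n in placement.values())
```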

43 OSS (equipment (network, server, storage) and software health monitoring and control): necessary for any kind of cloud

44 BSS (online/offline sales, billing/finance, marketing BI, CC, ICP compliance, etc.): necessary for a public cloud

45 Challenges: Security and Interoperability
- Confidentiality: free from attacks
- Service Level Agreement: the SLA must assure QoS (quality of service), e.g. service response time
- Interoperability: ensure a cloud service user can move from one cloud service to another
Source: Lin, G., Fu, D., Zhu, J. and Dasmalchi, G., "Cloud Computing: IT as a Service," IT Pro, March/April 2009

46 The evolution of IT deployment boundaries: infrastructure virtualization, and standardized, automated service management. The four segments will wax and wane, but all will continue to exist, especially core applications: customizability, compliance requirements, business process engines and business rule engines (the weak points of general-purpose cloud platforms for enterprise applications)
Figure: four deployment segments.
- Enterprise core applications: the resources each application needs stay separate
- Enterprise shared applications: different applications can share resources
- Value-added cloud hosting (Cloud Hosting): different applications of different customers can share resources
- Traditional hosting / leased hosting, multi-tenant data centers (Colocation, Managed Hosting): resources owned by or dedicated to the customer
Workloads placed across these segments on the slide include ERP, SCM, CRM, Search, Identity/Security, Finance, HR, corporate confidential data, government intranets, Video Conferencing, IM, development/test, and storage.

47 Interoperability (e.g. HTTP, XML, SOAP, WSDL, UDDI)
- Use standardized technology and unified industry standards
- Obtain reusable information from data
- Connect people, data and heterogeneous systems
- Achieve data interoperability across documents, applications and systems
- Build intelligent applications to improve data quality
- A shared service-oriented architecture (e.g. HTTP, XML, SOAP, WSDL, UDDI) for documents

48 Service Bus

49 What is it? An extension to the familiar WCF binding model
- SOAP/HTTP, SOAP/TCP, HTTP
- Simple HTTP APIs for service management
- Service Registry (Atom Publishing Protocol)
- Message Buffer (REST)
- Fully integrated with the Access Control Service

50 Service Bus
Figure: App 1 sends to the Service Bus and App 2 receives from it, and vice versa.
- Exchange messages between loosely coupled applications
- Network send/receive from any internet-connected device
- Traverse NAT / firewalls
- Message buffering for loosely connected applications
- Facilitate direct peer-to-peer connection

51 Service Bus
Service Bus can be used to expose on-premises services to the Internet. Most enterprises have their own LAN, and to cope with the shortage of IP addresses they usually deploy NAT, so no individual server has a fixed externally reachable address. For security reasons, firewalls usually block most ports. That makes it quite difficult to reach a service deployed on-premises from the Internet.

52 Service Bus
Service Bus was created precisely to solve this problem. Service Bus acts as an intermediary: your service and your clients all communicate with it as Service Bus clients. Because Service Bus has no NAT problem, both your service and your clients can reach it easily. In the most extreme case Service Bus only requires your server to allow outbound port 80 or 443; in other words, your server only needs to be able to reach the Internet over HTTP(S). As long as that holds, your server can connect to Service Bus, so its demands on the firewall are very low.

53 Service Bus relay
Figure: a cloud application in Windows Azure and an app behind the enterprise firewall both connect out to the Service Bus relay over the Internet.

54 Access Control Services

55 Access Control
Security is always the first consideration for any program, and in the cloud, permission management is often harder than inside the enterprise, because you cannot directly use a product such as Active Directory to manage your programs' access control centrally. Access Control was created precisely to solve this problem.

56 Why Access Control Service?
- Federated identity: leverage multiple identity providers per application (ADFS v2, Live ID, Facebook, Yahoo, Google, ...)
- Identity abstraction: evolve past username/password; leverage claims-based identity

57 Access Control
Access Control supports federated authentication and authorization. For example, you can require your users to authenticate through the Active Directory Federation Server (ADFS) inside your enterprise, logging in with their domain accounts; the claims produced by that authentication are passed to Access Control, which then grants or denies them access to your services and resources according to rules configured in Access Control in advance. Of course, Access Control also supports various other authentication methods. Through its support for standard protocols such as WRAP and SAML, Access Control works well across platforms.
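The rule-driven grant-or-deny step described above, as an added example that is not ACS's own engine, rule syntax or wire format: claims from a trusted issuer (the ADFS or a consumer identity provider) are transformed by pre-configured rules into output claims, tokens from issuers outside the federation trust are rejected, and access is denied unless an explicit action claim was produced. All issuers, rules and tokens are constructed.

```python
"""Claims transformation and deny-by-default authorization in the style of
Access Control rules. Added example with constructed issuers, rules and tokens;
not ACS's own engine, wire format or rule syntax.
"""
from dataclasses import dataclass

ADFS_ISSUER = "urn:example:adfs"      # constructed: the enterprise ADFS
LIVEID_ISSUER = "urn:example:liveid"  # constructed: a consumer identity provider
TRUSTED_ISSUERS = {ADFS_ISSUER, LIVEID_ISSUER}  # the federation trust


@dataclass(frozen=True)
class Claim:
    issuer: str
    type: str
    value: str


@dataclass(frozen=True)
class Rule:
    issuer: str     # identity provider the rule applies to
    in_type: str
    in_value: str   # "*" matches any value
    out_type: str
    out_value: str  # "*" copies the input value through


# Constructed rules: domain admins may manage, any Live ID user may read,
# and the ADFS name claim is passed through unchanged.
SAMPLE_RULES = [
    Rule(ADFS_ISSUER, "group", "Domain Admins", "action", "manage"),
    Rule(ADFS_ISSUER, "name", "*", "name", "*"),
    Rule(LIVEID_ISSUER, "emailaddress", "*", "action", "read"),
]


def apply_rules(token_claims, rules, trusted_issuers):
    """Return the output claims for a token, rejecting issuers outside the trust."""
    untrusted = {c.issuer for c in token_claims} - set(trusted_issuers)
    if untrusted:
        raise PermissionError(f"untrusted issuer(s): {sorted(untrusted)}")
    out = set()
    for c in token_claims:
        for r in rules:
            if r.issuer == c.issuer and r.in_type == c.type and r.in_value in ("*", c.value):
                value = c.value if r.out_value == "*" else r.out_value
                out.add(Claim("acs", r.out_type, value))
    return out


def is_authorized(out_claims, action):
    """Deny by default: only an explicit 'action' output claim grants access."""
    return any(c.type == "action" and c.value == action for c in out_claims)
```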

58 Service Bus (+Access Control) 服务总线 (+访问控制)
Figure: the overall application blueprint for device-to-cloud, cloud-to-cloud and cloud-to-non-cloud. Smart terminals (smartphones, smart network TVs, tablets, PCs, smart in-vehicle terminals) reach web services through the Service Bus (+Access Control), a cloud service gateway and a cloud service generator, which also front legacy system hosts (non-cloud systems) and the education, healthcare and government clouds, as well as Amazon, IBM, Oracle and others.

59 A Hybrid Cloud: connecting data, apps, people, and machines
Figure: a mixed cloud spanning a Private Cloud and a Public Cloud, with data and services joined through the Service Bus, ACS and Windows Azure Connect.

60 Information added by the organizing committee of the East China Architects Conference
The 2012 East China Architects Conference thanks its co-organizers and individual sponsors: GTI and Virident, 世纪互联 (21Vianet), AdMaster founder 洪倍, Lenovo employee 李鹏程, and the China (Shanghai) Entrepreneurs Public Training Base.
Announcement: the 2013 East China Database Technology Conference will be held in Shanghai on 18 May 2013, with about 500 attendees. For conference cooperation, contact 金官丁, tel.:

61 Thank you!!!

