Presentation is loading. Please wait.

Presentation is loading. Please wait.

Michael Epprecht IT Pro Evangelist Microsoft Corporation Inside Windows Azure

Published byConrad Black Modified over 8 years ago

Similar presentations

Presentation on theme: "Michael Epprecht IT Pro Evangelist Microsoft Corporation Inside Windows Azure"— Presentation transcript:

1 Michael Epprecht IT Pro Evangelist Microsoft Corporation Inside Windows Azure michael.epprecht@microsoft.com twitter: @fastflame

2 Public cloud: A cloud platform run by a service provider, such as Microsoft, Amazon, or Google, made available to many end-user organizations Private cloud: A cloud platform run solely for a single end-user organization, such as a bank or retailer The technology can be much like public clouds, but the economics are different An organization might combine private and public clouds to form a hybrid cloud Public Clouds vs. Private Clouds - Typical definitions

3 Infrastructure as a Service (IaaS): basic compute and storage resource On-demand servers Amazon EC2, VMWare vCloud Platform as a Service (PaaS): cloud application infrastructure On-demand application-hosting environment E.g. Google AppEngine, Salesforce.com, Windows Azure Software as a Service (SaaS): cloud applications On-demand applications E.g. Office 365, Intune, Live/Hotmail, GMail, Microsoft Office Web Companions Cloud Fundamentals

4 The Cloud is about cheap, on-demand capacity The Benefits of the Cloud Windows Azure

5 The Data Center

6 Some of Microsoft’s Data Centers Chicago Quincy Dublin Amsterdam Hong Kong Singapore Japan "Datacenters have become as vital to the functioning of society as power stations." The Economist San Antonio Boydton Des Moines Quincy, Washington27MW100% Hydro power Chicago, IllinoisUp to 60MWWater side economization, Containers Dublin, IrelandUp to 50MWOutside air cooling, PODs, Wind Power

7 What is a Data Center?

8 Who needs cooling?

9 Datacenter Colocation Generation 1 San Antonio & Quincy Generation 2 Chicago & Dublin Generation 3 Microsoft’s Datacenter Evolution EFFICIENT RESOURCE USAGE DEPLOYMENT SCALE UNIT 200520062007200820092010+

10 Windows Azure

11 Windows Azure is an OS for the data center Model: Treat the data center as a machine Handles resource management, provisioning, and monitoring Manages application lifecycle Allows developers to concentrate on business logic Provides shared pool of compute, disk and network Virtualized storage, compute and network Illusion of boundless resources Provides common building blocks for distributed applications Reliable queuing, simple structured storage, SQL storage Application services like access control and connectivity Windows Azure

12 Windows Azure Components

13 Developer Experience Use existing Skills and Tools Windows Azure Platform Internet

14 1. A Windows Azure application is built from one or more roles 2. A Windows Azure application runs multiple instances of each role 3. A Windows Azure application behaves correctly when any role instance fails The Three Rules

15 Windows Azure Application Characteristics Single Instance Persistent OS Single Instance Stateless OS Multi-Instance Stateless OS Automated, Consistent Application Updates Automated, Consistent Configuration Changes Multi-Instance Management Scale-out High Availability Automated, Consistent OS Servicing Windows Azure

16 Configuration and deployment: Certificate management (e.g. SSL) Load-balanced public endpoints Internal endpoint configuration and discovery Operations: Remote desktop access management Automated OS and runtime updates Coordinated updates Availability: Health monitoring SLA guaranteed uptime Basic Windows Azure Functionality

17 A cloud application is typically made up of different components Front end: e.g. load-balanced stateless web servers Middle worker tier: e.g. order processing, encoding Backend storage: e.g. SQL Server, tables or files Multiple instances of each for scalability and availability Modeling Cloud Applications Front- End

18 A Windows Azure application is called a “service” Definition information Configuration information At least one “role” Roles are like DLLs in the service “process” Collection of code with an entry point that runs in its own virtual machine There are currently three role types: Web Role: IIS7 and ASP.NET in Windows Azure-supplied OS Worker Role: arbitrary code in Windows Azure-supplied OS VM Role: uploaded VHD with customer-supplied OS The Windows Azure Service Model

19 Windows Azure Components ROLE Virtual Machine IIS (in web roles) Role Runtime Application Code Operating System

20 Definition: Role name Role type VM size (e.g. small, medium, etc.) Network endpoints Code: Web/Worker Role: Hosted DLL and other executables VM Role: VHD Configuration: Number of instances Number of update and fault domains Role Contents Service Role: Front-End Definition Type: Web VM Size: Small Endpoints: External-1 Configuration Instances: 2 Update Domains: 2 Fault Domains: 2

21 Portal Service Northern Europe Datacenter Service package uploaded to portal Windows Azure Portal Service passes service package to “Red Dog Front End” (RDFE) Azure service RDFE converts service package to native “RD” version RDFE sends service to Fabric Controller (FC) based on target region FC stores image in repository and deploys and activates service Deploying a Service to the Cloud: The 10,000 foot view FC

22 The “kernel” of the cloud operating system Manages datacenter hardware Manages Windows Azure services Four main responsibilities: Datacenter resource allocation Datacenter resource provisioning Service lifecycle management Service health management Inputs: Description of the hardware and network resources it will control Service model and binaries for cloud applications The Fabric Controller (FC) Server Datacenter

23 Datacenter Architecture TORTOR LB AggAgg PDUPDU AggAgg AggAgg AggAgg AggAgg AggAgg Racks Datacenter Routers Aggregation Routers and Load Balancers TORTOR PDUPDU TORTOR PDUPDU TORTOR PDUPDU TORTOR PDUPDU TORTOR PDUPDU TORTOR PDUPDU TORTOR PDUPDU TORTOR PDUPDU TORTOR PDUPDU TORTOR PDUPDU TORTOR PDUPDU TORTOR PDUPDU TORTOR PDUPDU TORTOR PDUPDU ………… … Top of Rack Switches Power Distribution Units … Nodes

24 Windows Azure Datacenters

25 FC is a distributed, stateful application running on nodes (blades) spread across fault domains Installed by “Utility” Fabric Controller One acts as the primary and all others keep view of world in sync Supports rolling upgrade, and services continue to run even if FC fails entirely High-Level FC Architecture TORTOR FC1FC1 … … TORTOR FC2FC2 FC2FC2 … … TORTOR FC3FC3 … … FC3FC3 TORTOR FC4FC4 … … TORTOR FC5FC5 … … LBLB LBLB LBLB LBLB AGG LBLB LBLB LBLB LBLB LBLB LBLB Nodes Rack

26 1. Power on node 2. PXE-boot Maintenance OS 3. Agent formats disk and downloads Host OS 4. Host OS boots, runs Sysprep /specialize, reboots 5. FC connects with the “Host Agent” Provisioning a Node Fabric Controller Role Images Role Images Role Images Role Images Image Repository Maintenanc e OS Parent OS Node PXE Server PXE Server Maintenance OS Windows Azure OS

27 Example Role B Count: 2 Update Domains: 2 Fault Domains: 2 Size: Medium Role B Count: 2 Update Domains: 2 Fault Domains: 2 Size: Medium Role A Count: 3 Update Domains: 2 Fault Domains: 2 Size: Large Role A Count: 3 Update Domains: 2 Fault Domains: 2 Size: Large Fault Domain 1 Fault Domain 2 Fault Domain 3 Load Balancer 10.100.0.36 10.100.0.122 10.100.0.185

28 Inside a Role VM Resource Volume OS Volume Role Volume Guest Agent Role Host Role Entry Point

29 Where does VM Role fit in? Control Abstraction (i.e. Less IT & Less Plumbing Code) Admin Web Role Admin Worker Role (Startup Tasks) Worker Role Web Role VM Role

30 Long running application installations Error-prone application installations Application installations requiring manual interaction VM Role Use Cases

31 On Premise: 1. Create Hyper-V image with Windows Server 2008 R2 unlicensed 2. Install your applications 3. Install Azure Integration Components 4. SysPrep 5. Upload image to Azure with CSUPLOAD On Azure: 1. Enable your VM in Azure Management Portal 2. Start the VM role Azure Management Portal 3. Azure Licenses and Activates VM 4. Finalize/Configure Application VM Role Prep

32 The VM is the security boundary upon which Windows Azure security is based The host OS and FC host agent are trusted The guest agent is untrusted The FC host agent ensures that the VM can only access IP addresses assigned to VMs of the same service Allows access to Internet addresses FC uses certificates and network security to authorize access to datacenter resources Fabric Controller Security

33 FC maintains service availability by monitoring the software and hardware health Based primarily on heartbeats Automatically “heals” affected roles Node and Role Health Maintenance

34 Moving a role instance is similar to a service update On source node: Role instances stopped VMs stopped Node reprovisioned On destination node: Same steps as initial role instance deployment Warning: Resource VHD is not moved Moving a Role Instance (Service Healing)

35 Secure network connectivity between on-premises and cloud Supports standard IP protocols Customer benefits and motivation: Leverage current IT investments Cloud app integration with existing apps / data sources Compliance / security drivers Simple setup and management Windows Azure Connect Azure Enterprise

36 Windows Azure Connect in Context CLOUDENTERPRISE Data Synchronization SQL Azure Data Sync Application-layer Connectivity & Messaging Service Bus Security Federated Identity and Access Control Secure Network Connectivity Windows Azure Connect

37 Enable WA Roles for external connectivity via service model Enable external computers for connectivity by installing Connect agent Win Server 2008, 2008 R2, Vista, and Win7 supported platforms Network policy managed through WA portal Granular control over connectivity Automatic setup of secure IPv6 network between connected role instances and external computers Tunnel firewalls/NAT’s through hosted SSL- based relay service Secured via end-to-end IPSec DNS name resolution Windows Azure Connect – Closer Look Role ARole B Role C (multiple VM’s) Windows Azure Enterprise Dev machines Databases Relay

38 Azure Role Sizes http://www.microsoft.com/windowsazure/pricing/

39 SQL Azure

40 SQL Azure Service Provisioning Model Each account has zero or more servers Azure wide, provisioned in a common portal Established a Billing instrument Each server has one or more databases Logical concept equal to a master DB Contains metadata about database & usage Unit of authentication, geo-location, billing, reporting Generated DNS-based name Each database has standard SQL objects Users, Tables, Views, Indices, etc Unit of consistency Account Account Server Server Database

41 SQL Azure High Level Architecture Internet / Azure Cloud LB TDS (tcp) Load balancer forwards ‘sticky’ sessions to TDS protocol tier Security Boundary Gateway Scalability and Availability: Fabric, Failover, Replication, and Load balancing SQLSQLSQLSQL SQLSQL Gateway: TDS protocol gateway, enforces AUTHN/AUTHZ policy; proxy to backend SQL Data Center Boundary Application Applications use standard SQL client libraries: ODBC, ADO.Net, PHP, …

42 SQL Azure Reporting Load Balancer SQL Azure Database Server … Catalog TempDB Data Source [tenant].database.windows.net https://[tenant].reports.windows.net/rep orts/report1.rdl RS Gateways RS Instances Windows Azure SQL Azure Reporting Services Architecture Microsoft SQL Azure Reporting Infrastructure: SQL Azure for data tier and Windows Azure for hosting Availability: RS Gateway for tenant isolation and “smart” routing Multitenancy: Stateless RS instances as a shared “engine” Performance: Co-locate RS with user DBs

43 Monthly Service Level Agreements All running roles will be continuously monitored If role is not running, we will detect and initiate corrective action >99.9% Instance Monitoring & Restart Database is connected to the internet gateway All databases will be continuously monitored >99.9% Database availability >99.9% Service bus and access control endpoints will have external connectivity Message operation requests processed successfully Service Bus & Access Control Availability Your service is connected and reachable via web. Internet facing roles will have external connectivity >99.95% Compute Connectivity >99.9% Storage service will be available/ reachable (connectivity) Your storage requests will be processed successfully Storage Availability >99.9% Service will respond to client requests and deliver the requested content without error Content Delivery Network

44 Platform as a Service is all about reducing management and operations overhead The Windows Azure Fabric Controller is the foundation for Windows Azure’s PaaS Provisions machines Deploys services Configures hardware for services Monitors service and hardware health Performs service healing The Fabric Controller continues to evolve Relational Databases, Reporting, Security, Connectivity all part of the Platform with more to come Conclusion

45 Global Foundation Services (GFS) http://www.globalfoundationservices.com/ http://www.globalfoundationservices.com/ Windows Azure http://www.azure.com/ http://www.azure.com/ Links

46

47 © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "Michael Epprecht IT Pro Evangelist Microsoft Corporation Inside Windows Azure"

Similar presentations

Connecting Windows Azure to Your Enterprise Network & Applications

Connecting Windows Azure to Your Enterprise Network & Applications
Page 1 Ricardo Villalobos Windows Azure Architect Evangelist Microsoft Corporation Designing, Building, and Deploying Windows Azure applications.

Page 1 Ricardo Villalobos Windows Azure Architect Evangelist Microsoft Corporation Designing, Building, and Deploying Windows Azure applications.
Application Internet Azure Cloud Internet Azure Cloud LB TDS (tcp) Applications use standard SQL client libraries: ODBC, ADO.Net, PHP, … Load balancer.

Application Internet Azure Cloud Internet Azure Cloud LB TDS (tcp) Applications use standard SQL client libraries: ODBC, ADO.Net, PHP, … Load balancer.
Introducing Windows Azure

Introducing Windows Azure
“It’s going to take a month to get a proof of concept going.” “I know VMM, but don’t know how it works with SPF and the Portal” “I know Azure, but.

“It’s going to take a month to get a proof of concept going.” “I know VMM, but don’t know how it works with SPF and the Portal” “I know Azure, but.
Virtual techdays INDIA │ 9-11 February 2011 The Whole New Windows Azure Platform Management Portal Saranya Sriram │ Developer Evangelist, Microsoft.

Virtual techdays INDIA │ 9-11 February 2011 The Whole New Windows Azure Platform Management Portal Saranya Sriram │ Developer Evangelist, Microsoft.
Usage Compute Time Average Inactivity Period Compute Time Average Usage Compute Time Compute Time Average Usage.

Usage Compute Time Average Inactivity Period Compute Time Average Usage Compute Time Compute Time Average Usage.
The spring release of Windows Azure Infrastructure as a Service introduces new functionality that allows full control and management of virtual machines.

The spring release of Windows Azure Infrastructure as a Service introduces new functionality that allows full control and management of virtual machines.
Cloud Power Application Driven Comprehensive & Open Cloud under Your Control!

Cloud Power Application Driven Comprehensive & Open Cloud under Your Control!
COS302. = Managed for YouStandalone Servers IaaSPaaSSaaS Applications Runtimes Database Operating System Virtualization Server Storage Networking.

COS302. = Managed for YouStandalone Servers IaaSPaaSSaaS Applications Runtimes Database Operating System Virtualization Server Storage Networking.
Subtitle color From Windows Azure From Outside Microsoft Datacenter From Outside Microsoft Datacenter & Windows Azure Application / Browser Windows.

Subtitle color From Windows Azure From Outside Microsoft Datacenter From Outside Microsoft Datacenter & Windows Azure Application / Browser Windows.
Cloud Computing Systems Lin Gu Hong Kong University of Science and Technology Sept. 21, 2011 Windows Azure—Overview.

Cloud Computing Systems Lin Gu Hong Kong University of Science and Technology Sept. 21, 2011 Windows Azure—Overview.
Name Title Microsoft Windows Azure: Migrating Web Applications.

Name Title Microsoft Windows Azure: Migrating Web Applications.
COS301. = Managed for YouStandalone Servers IaaSPaaSSaaS Applications Runtimes Database Operating System Virtualization Server Storage Networking.

COS301. = Managed for YouStandalone Servers IaaSPaaSSaaS Applications Runtimes Database Operating System Virtualization Server Storage Networking.
VM Role (PaaS)Virtual Machine (IaaS) StorageNon-Persistent StoragePersistent Storage Easily add additional storage DeploymentBuild VHD offsite and upload.

VM Role (PaaS)Virtual Machine (IaaS) StorageNon-Persistent StoragePersistent Storage Easily add additional storage DeploymentBuild VHD offsite and upload.
Migrating Applications to Windows Azure Virtual Machines Michael Washam Senior Technical Evangelist Microsoft Corporation.

Migrating Applications to Windows Azure Virtual Machines Michael Washam Senior Technical Evangelist Microsoft Corporation.
Windows Azure Networking & Active Directory Nasir (Muhammad Nasiruddin) Developer Evangelist - Azure Microsoft Corporation

Windows Azure Networking & Active Directory Nasir (Muhammad Nasiruddin) Developer Evangelist - Azure Microsoft Corporation
PlacePlace TypeType ServiceService Analysis Caching Integration Sync Search Relational BLOB Query BackupLoad Multi Dim In Memory File XML Reporting.

PlacePlace TypeType ServiceService Analysis Caching Integration Sync Search Relational BLOB Query BackupLoad Multi Dim In Memory File XML Reporting.
Windows Azure Virtual Networks. Agenda LB VIP: Input Endpoint Internal Endpoint foo.cloudapp.net  VIP.

Windows Azure Virtual Networks. Agenda LB VIP: Input Endpoint Internal Endpoint foo.cloudapp.net  VIP.
Windows Azure Role Cloud Computing Soup to Nuts Mike Benkovich Microsoft Corporation btlod-71.

Windows Azure Role Cloud Computing Soup to Nuts Mike Benkovich Microsoft Corporation btlod-71.

Similar presentations

Ads by Google