Post on 16-Apr-2020
The Pathway to the Cloud Using Azure SQL Managed Instance
Sales Order Management
Product Manuals
Business
Growth
Efficiency
Experience (Apps)
Agility
Assurance (Security)
Catalog existing application
Define criteria for moving to or starting applications in the cloud
Architect core infrastructure components for cloud integration
• Networking
• Identity
• Security
Acquire cloud development skills
Retool for adoption and change management
Take a systematic and disciplined approach to Security, Governance, Compliance
https://azure.microsoft.com/mediahandler/files/resourcefiles/d8e7430c-8f62-4bbb-9ca2-f2bc877b48bd/Azure%20Onboarding%20Guide%20for%20IT%20Organizations.pdf
https://docs.microsoft.com/en-us/dotnet/standard/modernize-with-azure-and-containers/
https://azure.microsoft.com/en-us/resources/videos/connect-2017-application-modernization-with-microsoft-azure/
https://gartnerinfo.com/futureofit2011/MEX38L_A2%20mex38l_a2.pdf
https://www.gartner.com/doc/3249517/use-cloud-modernize-legacy-systems
RBAC / Identity & Access Management
Microsoft Azure Active Directory
Consumer identity providers
Encrypted Synchronization
Azure AD
On-premises
Windows Server Active Directory
Azure
Public Cloud, Your Apps, 2500+ popular SaaS apps
Public cloud
Standards-Based Integration:
• OAuth2 & OpenID Connect
• SAML
• WS-Federation
• REST based Graph API
• SCIM
• FIDO
Conditions
Allow access
Block access
ACTIONS
Enforce MFA per user/per app
Location (IP range)
Device state
User group
User
Risk
Identity Driven Security
Multi Factor Authentication
NOTIFICATIONS, ANALYSIS, REMEDIATION, RISK-BASED POLICIES
CLOUD APP DISCOVERY
PRIVILEGED IDENTITY MANAGEMENT
Subscription Management
Subscription trusts one directory
Microsoft Azure AD
Active Directory
User Groups
Apps Devices
Graph API
Roles: Global Admin, User Admin, etc.
Identity management & Authentications
App Support Team: Virtual Machine Contributor and Website Contributor
Development Team: Virtual Machine Contributor and Website Contributor
Network & Security Team: Virtual Network Contributor and Virtual Machine Contributor
Database Management Team: SQL Server Contributor and SQL Security Manager
Dev Subscription
Test Subscription
Production Subscriptions
Platform Team Owner
Storage & Backup Team: Storage Account Contributor
Partitions, Subscriptions, resource groups or resources.
Permissions Inherited downstream
ARM API
APPLICATION
Per-application policy, Client type (Native apps, web apps)
OTHER
Location (IP Range), Risk Profile (future)
DEVICES
Is Domain Joined, Is Compliant, Platform type (iOS, Android, Windows)
USER / GROUP ATTRIBUTES
User identity, Group memberships, Auth Strength
➢ Allow
➢ Enforce MFA
➢ Block
Front-End Access
Dynamic/Reserved public IP addresses
Direct VM access, ACLs for security
Load balancing
DNS services: hosting, traffic management
Traffic Manager
DDoS protection
Users
Internet
The Big (Network) Picture
Azure
Virtual Network
Virtual Network
“Bring your own network”
Segment with subnets and security groups
Control traffic flow with user defined routes
Backend connectivity
Point-to-site for dev/test
VPN Gateways for secure site-to-site connectivity
ExpressRoute for private enterprise grade connectivity
Backend connectivity
ExpressRoute and VPN
▪ Task automation and configuration management framework
▪ Command-line shell and associated scripting language built on the .NET Framework
▪ Full access to COM and WMI for administrators, with WS-Management and CIM enabling management of remote Linux systems and network devices
Automation as a Service
• An orchestration service in Azure to automate repetitive or long-running processes
Script Authoring Environment
• Uses PowerShell Workflows
• Combination of PowerShell 4.0 and WF
• Uses Integration Modules, very similar to
PowerShell Modules
Scheduling and Monitoring
• Execute scripts on a schedule
• Review execution status on a dashboard
• Deploy - Automate initial deployments and upgrades using templates
• Manage - Access control, policies, auditing and tagging support management post-deployment
• Monitor - Monitor related resources as a group
DevOps CI/CD deployment pipeline
Azure Usage API – retrieve resource usage data, along with
resource tags and resource metadata.
• Azure Role-based Access Control
• Hourly or Daily Aggregations
• Instance metadata provided (includes resource tags)
• Resource metadata provided
• Usage for all offer types
PowerBI
Azure subscription Cost Management, portal or …
…custom reports
ANALYTICS:
Multicloud Cost Management (Azure/AWS/GCP)
Azure Enterprise Scaffold: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-subscription-governance
Modern Service Management for Azure: https://azure.microsoft.com/en-us/resources/msm-for-azure/
IaaS Cloud (VMs) PaaS PaaS/FaaS
Web App
Create Project
Download
Collector
Create
Collector VM
Collect
Metadata
Collect VM
Usage
Create
Assessment
Group
View
Assessment
Report
Optional:
Dependencies
• Summary of the number of machines suitable for Azure which is referred to as Azure Readiness.
• Monthly estimate of the cost for running the machines in Azure after migration.
• Storage monthly cost estimate
Azure readiness, monthly cost estimates for computing, and monthly cost estimates for storage.
• Azure Database Migration Service (DMS)
• SQL Server Migration Assistant (SSMA)
• Data Migration Assistant (DMA)
• Database Experimentation Assistant (DEA)
• Data Migration Assistant (DMA)
• SQL Server Migration Assistant (SSMA)
• Azure Database Migration Service (DMS)
• Near-zero downtime enabled by 3rd party tools
MIGRATION GUIDE
1. Assess and identify issues
2. Fix issues
3. Migrate schema, data, and logins
Legacy SQL Server Instance
DMA
Microsoft gallery images
• SQL Server 2008 R2 / 2012 / 2014 / 2016 / 2017
• SQL Server Web / Standard / Enterprise / Developer / Express Editions
• Windows Server 2008 R2 / 2012 R2 / 2016
• Linux RHEL / Ubuntu
SQL licensing
• Based on SQL Server edition and core count (VM Sizes)
• Pay-per-minute
Bring your own license
• Move an existing license to Azure through BYOL images
Commissioned in ~10 minutes
Connect via RDP, ADO .Net, OLEDB, JDBC, PHP, and so on
Manage via Azure portal, SSMS, PowerShell, CLI, System Center, and so on
• Fully managed database migration service for both operational databases and data warehouses.
• Supports minimal downtime migrations
• From On-premises, Private Clouds, and Public Clouds
SQL
Assign worker
Project 1
Source
Server 1
DB11
DB12
DB3
DB14
Project 2
DB15
DB16
Source
Server 1
Projects
Project 3
DB21
DB22
DMS
Service
Target Azure SQLDB managed instance
Target Azure SQL Database
Validation
task
Next
Migration
task
Validation
task
Migration
task
Done
• Used to have minimal downtime during migration
• Configure your Azure SQL Database as a subscriber
• All changes to your data or schema show up in your Azure SQL Database
• Synchronization is complete – change connection string of your application
• Remove Replication
Delivers Minimum Downtime
EASY NO DOWNTIME HETEROGENEOUS
MIGRATION
ON PREM
CLOUD
SQL Database
SQL Data Warehouse
2012
Parallel Data Warehouse
Analytics Platform System
Azure DB for MySQL
Azure DB for PostgreSQL
FOR MICROSOFT MIGRATIONS
no-charge offer co-sponsored by Microsoft & Attunity
Developed validation tests
Set up test environment
Run validation tests
Run performance tests
• Developed validation tests - To test database migration, we used SQL queries. We created the validation queries to run against both the source and the target databases. The validation queries cover the scope we defined with the client.
• Set up test environment - The test environment contained a copy of the source database and a copy of the target database. We isolated the test environment.
• Run your validation tests - Run your validation tests against the source and the target, and then analyse the results.
• Run your performance tests - Run performance tests against the source and the target, and then analyse and compare the results.
https://docs.microsoft.com/en-us/sql/relational-databases/post-migration-validation-and-optimization-guide
For SQL Server to SQL Server migrations, if an issue existed in the source SQL Server, migrating to a
newer version of SQL Server as-is will not address this scenario.
(Private Preview!)
▪ New apps, ‘one database
per app’ pattern
▪ Lift-and-shift rich SQL apps to
PaaS without any code
changes
▪ ISV / Enterprise developing
cloud-born SaaS
▪ ISV / Enterprise starting
cloud modernization
▪ DB-centric programming
model
▪ Tenant isolation / resource
guaranteed at the DB level
• Rich, instance-centric
programming model
• Nearly 100% compatibility
• Resource guaranteed/SLA at
Instance-level
• Azure VNet isolation
▪ ISV / Enterprise developing
cloud-born SaaS
▪ New multi-tenant SaaS
apps or modernized
existing apps to SaaS
▪ Higher utilization efficiency
with a shared resource
model
▪ Resource guaranteed/SLA
at the pool level
Intelligent database
Self-tuning
▪ Lift-and-shift rich SQL apps, 3rd
party DB (Oracle, MySQL) to
IaaS, Dev & Test scenarios
▪ Migration of single/fewer apps
to the cloud
▪ Bring your own license and
license embedded SQL images
▪ ISV / Enterprise starting cloud
modernization
• 100% SQL Server
compatibility
• Full control at the OS and/or
SQL Server level
• VNet isolation
• SLA at VM level
Reduced OPEX and CAPEX
Dynamic scale
Advanced security
Full Control, Compatibility
Security and High Availability
License Mobility
Sales Order Management
Product Manuals
If yes, then go for
Managed Instance!
Managed Instance brings PaaS closer to you!
???
What is SQL Database Managed Instance?
Easy lift and shift
• Fully-fledged SQL
instance with nearly
100% compat with
on-prem
Fully managed PaaS
• Built on the same
PaaS service
infrastructure
• All PaaS features
Full isolation and security
• Native VNET
implementation
• Private IP addresses
SQL Database (PaaS)
Elastic Pool
Managed Instance
Singleton
A flavor of SQL DB that enables
frictionless cloud migration for on-
prem SQL apps and modernization
in a fully managed PaaS
Note: features will be added in stages until General Availability of Managed Instance
Security
• Integrated Auth (AAD)
• Encryption (TDE, AE)
• SQL Audit
• Row Level Security
• Dynamic Data Masking
OMS
Your work so far | How PaaS helps?
Hardware purchasing and management | Built-in; Scales on-demand
Protect data with backups | Built-in; Point-In-Time-Restore
Updates and upgrades | Built-in
HA | Built-in; 99.99% SLA and auto-failover
DR | Built-in; Geo-redundancy and geo-replication
Compliance with standards on your own | Built-in / easy to use features
Secure your data from malicious users and mistakes | Built-in / easy to use features
Monitor, troubleshoot and manage at scale | Built-in / easy to use features
Tune and maintain for predictable performance | Built-in / easy to use features
Gateway subnet
Peered network
App subnet
MI subnet
App subnet
Peering channel
On-prem app
1
2
SQL Instance #1
SQL Instance #2
App Service Environment
IaaS hosted app
3
4
Express Route / VPN Gateway
“VNET Integrated” web app
IaaS hosted app
5
App Service Environment
6
7
“VNET Integrated” web app (peered VNET)
virtual data cluster dedicated to customer
SQL MI Vnet
Peered Vnet
Running in a VM with private IP injected in customer VNET
IaaS Cloud (VMs) PaaS PaaS/FaaS
Web App
Peering channel
CON-VNET
MI subnet
virtual data cluster dedicated to customer
BonovaASE-Vnet
ASE subnet
BonovaASE
AdventureWorksDemoApp
SQL VM subnet
0
3
1 PROVISION Vnet and SQL MI
storage account
2
BACKUP TO AZURE
RESTORE FROM AZURE URL
4
REPOINT APPLICATION
5
LOAD DATA WITH SQL AGENT
SQL IaaS
con-app-sqlmi
App Modernisation
We love to get feedback
Please complete the session feedback forms
We want to empower today’s innovators to unleash the power
of data and reimagine possibilities that will improve our world