Objectives 2 Windows Azure Pack Overview Windows Azure Pack Architecture Windows Azure Pack Views...
Objectives
• Windows Azure Pack Overview
• Windows Azure Pack Architecture
• Windows Azure Pack Views
  • Provider
  • Consumer
• Hosting Scenarios
  • VM Hosting (IaaS)
  • Websites
  • Hosted Databases (SQL/MySQL)
  • Service Bus
• Review decisions and discuss next steps
[Diagram labels: R2 w/ Service Provider Foundation; Future Services; Service Bus; SQL; VMs; Web Sites; Service Management API; Provider Portal (Service Plans, Users); Consumer Self-Service Portal (Web Sites, Apps, Database, VMs); Service Provider; Customer]
[Diagram labels: Windows Azure; Web Sites; VM Role; Worker Role; SQL; Service Bus; Caching; Other Services (CDN, Media, etc.); Service Management API; Subscriber Self-Service Portal (Web Sites, Apps, Database, VMs); Self Service Portal Moves On-Premises; Common Mgt. Experience; Workload Portability; Cloud-Enabled Services Move On-Premises; Consistent Dev. Experience]
Cloud OS Consistent Experiences
• Simplified infrastructure service delivery
• In-box service templates and runbooks for System Center components
• Integrate existing investments using web-based interfaces to System Center capabilities
• Scale management across multiple System Center instances (or “stamps”)
• Extensible service management automation
• Tenant-level resource metering for capacity planning and usage analytics
Multi-tenant cloud infrastructure
[Diagram labels: Tenants, User roles, Stamps; Service mgmt. automation (PowerShell based); System Center REST web service APIs, incl. usage metering; Service provider systems (e.g., Billing); System Center (Management stamps); Service provider portal; Service Provider Foundation (SPF); Tenant admin/users; APIs; Virtual Machine Manager (three instances); Orchestrator; Operations Manager]
Service Providers
• Integrate into existing systems to orchestrate & automate end to end processes
• Out of the box runbooks to automate delivery of cloud services
• Import additional integration modules and author PowerShell workflow runbooks within Service Management portal
• Operational dashboard for analysis and troubleshooting
• Authentication using Active Directory
Administration
[Diagram: Plans define Admin—Tenant relationship. Labels: Admin; Tenant; Clouds; Plans; Services; Creates; Subscribes to; Provisions; Include; Allocated from; Restricted by Quota, Add-ons]
Resource Clouds
Connect cloud to VMM instance
Define usage limits
Assign VM templates & networks
Admin: create VM cloud
Service Providers
• Manage shared infra and services
  • Virtual Machine Clouds
  • Web Site Clouds
  • Service Bus Clouds
  • 3rd party shared services
• Create offers of select services
  • Define unique quotas per service
  • Define offer add-ons for upsell
  • Include curated gallery applications
  • Publish public or private offers
Subscriptions
Service Providers
• Consistent interface for all Services
• REST, OData & JSON
• Enable 3rd party billing providers and ITFM integration
• Data Warehouse
• Analytics on Tenant Subscription usage
• Enable license compliance through inventory reports
Usage/Billing
Multi-tenant cloud infrastructure: capacity planning and usage analytics
• Granular metering of resource usage by tenant, including CPU, memory & storage
• Enable business/operational insight with tenant-level analytics
• Data warehousing & reporting, incl. allocation, utilization & license compliance views
• Integration with Cloud Cruiser cost analytics solution for billing capabilities.
Usage metering and analytics are delivered by System Center 2012 R2 through Orchestrator as SPF web-services APIs; usage data is provided by Operations Manager and VMM. Windows Azure Pack surfaces the reports.
Service Providers
• Integrate into existing systems to orchestrate & automate end to end processes
• Out of the box runbooks to automate delivery of cloud services
• Import additional integration modules and author PowerShell workflow runbooks within Service Management portal
• Operational dashboard for analysis and troubleshooting
Automation
Service management automation
• Enable efficient infrastructure delivery and operations
• Web-based runbook authoring
• Scalable, multitenant-aware automation engine built on PowerShell
• Import existing PowerShell scripts and workflows
• Integration with existing/ third-party systems
[Diagram labels: Management Systems: CMDB, Ticketing, Billing]
[Portal screenshot: ALL ITEMS list with counts: Virtual Machine Clouds 12; SQL Server 9; Plans 12; Website Cloud 12; MySQL Servers 0; Notifications 0; User Accounts 4; Automation 8]
Add bulk user accounts
Service ticket for failed resources
Notify users of plan updates
Add additional SQL capacity
Integration
Workflow automation
Web-based authoring
Delivered by System Center 2012 R2 through the Orchestrator component by exposing the above features as web-service APIs along with SPF integration.
Windows Azure Pack Portal Customization
White Label, Add-On Services, Differentiated
Easily skin portal with your theme and brand
Custom login, logos, banner, colors, extensions, etc…
Safe Java allows some additional stable customization
REST API
Onramp for more Azure Services moving to Windows Server
Any number of services can be surfaced in the portal
Portal source code provided
Replace the portal with your own by providing support for the API
Tenant experience: Homepage
Rich self-service experience
Windows Azure consistency
Monitor and provision services
Service Consumers
• Build highly scalable web applications
• Iterate with integrated source control
• Manage their apps with real-time telemetry
• Use the languages and open source apps of their choice
Web sites
Service Consumers
• Messaging service for cloud apps
• Guaranteed message delivery
• Publish-subscribe messaging patterns
• Standard protocols (REST, AMQP, WS*)
• Interoperability (.NET, Java/JMS, C/C++)
• Integrated with management portal
Service Bus
Service Consumers
• Virtual Machine Roles
• Portable
• Elastic
• Gallery
• Windows and Linux Support
• Virtual Networks
• Site to Site connectivity
• Tenant supplied IP addresses
Virtual Machine
Service Consumers
Identity
• ADFS Federation integrates with Consumer's own Active Directory
• Co-administrators
Database Services
• SQL Server
• MySQL
Value add services from gallery
Other shared services from provider
Programmatic access to cloud services
• REST APIs
Additional Services
Definitions
Virtual Machine Role Gallery
• Catalog of Virtual Machine Role templates for tenants. Tenants view a curated and role-scoped list of Virtual Machine Role templates in the Tenant Portal, PowerShell or APIs.
Virtual Machine Role Gallery Item
• A single Virtual Machine Role template
Virtual Machine Role
• Homogeneous scalable tier of Virtual Machines.
Virtual Machine Role View Definition (VIEWDEF)
• UI artifact for a gallery item. The VIEWDEF includes constructs to build the UI wizard in order for the tenant to enter values for deployment.
Virtual Machine Role Resource Definition (RESDEF)
• Template artifact for a Virtual Machine Role. The RESDEF includes hardware, network, OS, and application configuration.
Virtual Machine Role Resource Extension (RESEXT)
• Application template and installation payload (MSI, scripts, SQL DAC, etc.) used to deploy an application into a Virtual Machine Role.
• Import and Manage Gallery Items
  • Resource Definition Package
• Publish / Unpublish Gallery Items to Tenants
  • Immediate impact when unpublishing
• Add Gallery Items to Plans
  • Scopes access based on plan and subscription
• Gallery Item authorization from SPF
• Resource extension from VMM
Service Admin Gallery
Cloud OS Virtual Machine Role
• Scale-out and Scale-In of a Virtual Machine Role
• Update settings
• Upgrade to new version
• Change networks
• Start/Stop/Shutdown VMs
• Add/Remove Devices
Support for VM Templates
Active Directory Authentication
Co-admins can share subscription
Tenant Virtual Machine Features
• Tenants create their own networks
• Site to Site VPN
• Network Address Translation (NAT)
• Configuration of topology and border gateway protocol (BGP)
• Tenant IP addresses with network virtualization
• Consistent user experience with Azure
Tenant Networks
VMs can be:
• On isolated network/no network
• Windows/Linux/No OS
Requires
• RDP client supporting Remote Desktop Protocol 8.1
• Windows Azure Pack
• Service Management Portal
• System Center 2012 R2
• Windows Server 2012 R2
• Hyper-V
• Remote Desktop Gateway
Remote Console Access for Tenants
Remote Console Flow
[Diagram labels: Browser; Remote Desktop Client (client supporting Remote Desktop Protocol 8.1); Windows Azure Pack Portal; System Center 2012 R2; Windows Server 2012 R2 Remote Desktop Gateway; Windows Server 2012 R2 Hyper-V; Console Request; RDP File; RDP File Tokens (Host, VM); Trust; Trust]
Steps shown in the flow:
• Verify user access. Generate and sign tokens.
• Generate RDP file and embed tokens.
• Validate token signature. Validate token timestamp. Authorize host & port only.
• Validate token VMID. Authorize only specific VM.
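The token checks in the remote console flow, as an added example that is not part of the original slides. Assumptions: the token layout, the shared HMAC key standing in for the slide's "Trust" arrows, the 300-second lifetime, the sample user, VM and host names, and the split of checks between gateway (signature, timestamp, host and port) and Hyper-V host (VM ID).

```python
import base64, hashlib, hmac, json

TRUST_KEY = b"constructed-demo-key"  # assumption: models the "Trust" relationship
MAX_AGE = 300                        # assumption: token lifetime in seconds
ACL = {"alice": {"vm-01"}}           # constructed: user -> VM IDs the user may open

def _sign(claims):
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    mac = hmac.new(TRUST_KEY, body, hashlib.sha256).hexdigest()
    return body.decode() + "." + mac

def _verify(token, now):
    """Check the signature first, then the timestamp; return the claims."""
    body, _, mac = token.partition(".")
    expected = hmac.new(TRUST_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        raise PermissionError("bad signature")
    claims = json.loads(base64.urlsafe_b64decode(body))
    if not 0 <= now - claims["iat"] <= MAX_AGE:
        raise PermissionError("token expired or not yet valid")
    return claims

def issue_tokens(user, vm_id, host, port, now):
    """Management side: verify user access, then sign a host and a VM token."""
    if vm_id not in ACL.get(user, set()):
        raise PermissionError("user has no access to this VM")
    host_token = _sign({"kind": "host", "host": host, "port": port, "iat": now})
    vm_token = _sign({"kind": "vm", "vmid": vm_id, "iat": now})
    return host_token, vm_token

def gateway_authorize(host_token, dest_host, dest_port, now):
    """Gateway: signature, timestamp, then only the signed host and port."""
    try:
        claims = _verify(host_token, now)
    except PermissionError:
        return False
    return (claims.get("kind") == "host"
            and (claims["host"], claims["port"]) == (dest_host, dest_port))

def host_authorize(vm_token, requested_vmid, now):
    """Hyper-V host: the token opens the console of one specific VM only."""
    try:
        claims = _verify(vm_token, now)
    except PermissionError:
        return False
    return claims.get("kind") == "vm" and claims["vmid"] == requested_vmid
```

Keeping the host token and the VM token separate means the gateway can only be used to reach the signed host and port, and the host then refuses any VM other than the one the user was verified for.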
[Diagram labels: Cloud Service 1; Virtual Machine Role 1; Virtual Machine Role; VM1.1; VM1.2; Virtual Machine Role Resource Definition (RESDEF); VM Container Specification; Extension (RESEXT); Application; Configuration; Application, Network, VM Settings; UI Wizard (VIEWDEF)]
• Templates
  • Definition - RESDEF
  • Extension - RESEXT
• UI Wizard
  • View - VIEWDEF
• Configuration
  • ResConfig
• Instances
  • Cloud Service
  • Virtual Machine Role
  • VM(s)
Cloud Service Model: Virtual Machine Role
Application (RESEXT)
• Roles and Features
• Payload and scripts
• OS Image requirements
• Network IP and Load balancer
• RESEXT Parameters
Virtual Machine Role (RESDEF)
• VM settings (size)
• OS Settings
• OS Image Reference
• RESEXT Reference
• RESEXT Parameter bindings
• RESDEF Parameters
UI Wizard (VIEWDEF)
• UI for RESDEF Parameters
• Grouping
• Ordering
• Validation
• Localization
Deployment Configuration (RESCONFIG)
• RESDEF Parameter Values
• Single deployment
• Versioned
Application Extension (RESEXT)
{
  "Name": "IIS_Demo_2",
  "Publisher": "Microsoft",
  "Version": "1.0.0.0",
  "ExtensionHostingContract": "MicrosoftCompute/VMRole/1.0.0.0",
  "SchemaVersion": "1.0.0.0",
  "DataPackage": { "Location": "IISWS2012", "Version": "1.0.0.0" },
  "ResourceExtensionParameters": [
    { "Name": "IISPort", "Type": "String", "Description": "IIS Port" }
  ],
  "ResourceRequirements": {
    "OSVirtualHardDiskRequirements": [ "WindowsServer2012", "Datacenter" ]
  },
  "ExtensionSettings": {
    "SchemaVersion": "1.0.0.0",
    "WindowsServerRolesAndFeatures": [
      "Web-Server", "Web-WebServer", "Web-Common-Http",
      "Web-Default-Doc", "Web-Dir-Browsing", "Web-Http-Errors"
    ],
    "ApplicationProfile": {
      "ApplicationPayload": [
        { "ID": "123dbce1-8ccd-4fb1-af39-a2a3b69b4123", "RelativePath": "IISConfiguration.cr" }
      ],
      "Name": "389cb52d-a950-46d3-b021-48b7fe67267e",
      "WindowsApplicationProfile": {
        "ProvisioningScripts": [
          {
            "AlwaysReboot": false,
            "ApplicationPayloadId": "123dbce1-8ccd-4fb1-af39-a2a3b69b4123",
            "DeploymentOrder": 1,
            "ErrorPolicy": "FailOnMatch",
            "ExecutableAndParams": {
              "Executable": "cmd.exe",
              "Parameters": "/q /c iisconfig.cmd [Param.IISPort]"
            },
            "ExitCodeRegex": "[1-9][0-9]*",
            "RebootExitCodeRegex": null,
            "RestartOnRetry": false,
            "ScriptBlock": null,
            "ScriptCredential": null,
            "ScriptType": "PreInstall",
            "StandardErrorPath": "C:\\iisconfig-gceerr.txt",
            "StandardErrorRegex": null,
            "StandardInput": null,
            "StandardOutputPath": "C:\\iisconfig-gceout.txt",
            "StandardOutputRegex": null,
            "TimeoutInSeconds": 1200,
            "WorkingDirectory": null
          }
        ]
      }
    }
  }
}
• Identifiers
  • Name, Publisher, Version
• Parameters – "IISPort"
• OS Image Requirements
  • Tags - "Windows Server 2012", "Datacenter"
• Operating System Roles / Features
  • Web-Server, Web-WebServer, Web-Common-Http
• Script Application Deployment (PowerShell DSC, Puppet, Chef, MSI, script)
  • "Cmd.exe /q /c iisconfig.cmd [Param.IISPort]"
• Other profile types available
  • SQL Profile
  • SQL Dac Applications
  • WebDeploy
• Run Scripts
• Payload – bits and scripts
• Parameterization with Basic Expressions
• Import into VMM prior to Use
• Packaged using Open Packaging Convention (OPC)
Virtual Machine Role Resource (RESDEF)
{
  "Name": "IIS_Demo",
  "Publisher": "Microsoft",
  "Version": "1.0.0.0",
  "Type": "MicrosoftCompute/VMRole",
  "SchemaVersion": "1.0.0.0",
  "ResourceParameters": [
    { "Name": "RoleVMSize", "Type": "String", "Description": "Platform-specific VM size (for Blue: XS | S | M | L | XL)" },
    { "Name": "IISPort", "Type": "String", "Description": "IISPort desc." }
  ],
  "ResourceExtensionReferences": [
    {
      "ReferenceName": "IIS_Demo_2",
      "Name": "IIS_Demo_2",
      "Publisher": "Microsoft",
      "Version": "1.0.0.0",
      "ResourceExtensionParameterValues": "{ \"IISPort\" : \"[Param.IISPort]\" }"
    }
  ],
  "IntrinsicSettings": {
    "SchemaVersion": "1.0.0.0",
    "HardwareProfile": { "VMSize": "[Param.RoleVMSize]" },
    "ScaleOutSettings": {
      "InitialInstanceCount": "[Param.RoleInitialInstanceCount]"
    }
  }
}
• Properties
• Identity
  • Name, Publisher, Version
• Parameters
  • RoleVMSize
  • IISPort
• Extension References
  • Name, Publisher, Version
  • Parameter binding
    • IISPort
• Size Profile (XS, S, M, L, XL)
• Storage Profile (Data / OS Disk)
• OS specialization
  • ComputerName, Timezone, other unattend
• Network profile (LB Config, Network)
• Scale settings
• Parameterization with Expressions
• Served from SPF Feed (Gallery)
Presentation UI Wizard (VIEWDEF)
{
  "Label": "{{IISWS2012Label}}",
  "PublisherLabel": "Microsoft",
  "Description": "{{WS2012IISDescription}}",
  "DefaultLanguageCode": "en-US",
  "Sections": [
    {
      "Title": "{{WS2012IISVMSettings}}",
      "Categories": [
        {
          "CategoryName": "{{ScaleOutSettingGroup}}",
          "Parameters": [
            {
              "Name": "RoleVMSize",
              "Label": "VM Size",
              "Type": "VMSize",
              "DefaultValue": "ExtraSmall",
              "Description": "{{RoleSizeDesc}}",
              "Validation": {
                "Required": true,
                "Messages": { "Required": "{{RoleSizeRequiredMessage}}" }
              }
            },
            {
              "Name": "RoleOSVHDImageNameVersion",
              "Label": "OS Virtual Hard disk",
              "Type": "OSVirtualHardDisk",
              "Description": "{{OSDisk}}",
              "ImageTags": [ "WindowsServer2012", "Datacenter" ],
              "Validation": {
                "Required": true,
                "Messages": { "Required": "OS Disk is Required" }
              }
            },
            {
              "Name": "RoleInitialInstanceCount",
              "Label": "Initial Instance Count",
              "Type": "Number",
              "DefaultValue": "1",
              "Description": "{{RoleInitialInstanceCountDescription}}",
              "Validation": { "Required": true, "MinRange": 1, "MaxRange": 5 }
            }
          ]
        }
      ]
    }
  ]
}
• Grouping
  • Sections - Title
  • Categories - CategoryName
• Ordering
  • Follows the order in the viewdef
• Labels, Descriptions
• Type
  • Boolean, Number, String, SecureString, Credential, ComputerNamePattern, Option, VMSize, OSVirtualHardDisk, Network, OSTimezone
• Default Value
• Validation
• Localization
  • Double-curly bracket notation
    • {{WS2012IISVMSettings}}
  • Package resource file per language
    • "WS2012IISVMSettings": "Virtual Machine Settings"
Deployment Configuration (ResConfig)
{
  "Version": "1.0.0.0",
  "ParameterValues": "{ \"IISPort\": \"80\", \"RoleVMSize\": \"Small\", \"ComputerNamePattern\": null, \"NetworkName\": \"corp\" }"
}
• Generated by Portal
• Not persisted as a file
• Versioned to enable updates
• Parameter binding to user input
Gallery Item Resource Packages
.ResdefPkg
• Resdef file
• Viewdef file
• Icon
• Language directories and files
.ResextPkg
• Resext file
• Script Payload
• Application Payload
Service Provider Foundation (SPF)
[Diagram labels: Virtual Machines (Virtual Machine Manager); VM networks (Virtual Machine Manager); Service Templates (Virtual Machine Manager); Automation (Orchestrator)]
Enables Hosted IaaS
Features
• VM management
• Service management
• Self-service VM networks
• Multi-tenancy / Multi-stamp
• Self-service tenant administration
• Enterprise identity for SPF
• Extensibility for hosted cloud API
• Usage Metering via SCOM
REST-based Odata API
SPF architecture
REST API - OData
Claims-based AuthN and AuthZ
Aggregation
PowerShell web service
Stamps, Management servers
Tenants, User roles
PowerShell scripts Orchestrator Runbooks
Management stamps
Service Mgmt Portal
1 Shared
[Figure: shared instances]
Shared & reserved instances
• When a website is first created it runs in shared mode.
• It shares available compute resources with other subscribers that are also running websites in shared mode.
Deploy web sites into a shared/multi-tenant hosting environment running on a shared set of server resources.
[Figure: shared instances and a reserved instance]
Shared and reserved instances
1 Reserved
• Websites can be upgraded optionally to run in reserved mode. This isolates them to run within a dedicated virtual machine.
• When you change the mode from shared to reserved, the website is scaled up.
[Figure: reserved instances]
Shared and reserved instances
2 Reserved
• Elastically scale the resources sites use to increase reserved instance capacity as traffic increases.
• Increasing the value for Reserved Instance Count will provide fault tolerance and improved performance through scale out.
• A website in Reserved mode will provide more consistent performance than a website in Shared mode because it is not sharing resources with other tenants.
• If Reserved Instance size is changed from Small to Medium or Large, the website will run in a compute instance of corresponding size with access to associated resources for each size.
Source code and developer tools
Use familiar developer tools.
Upload to production folders.
Synchronize IDE with popular source code control systems.
Visual Studio Team Foundation Server
FTP/HTTP
WebDeploy
Node.js, PHP, ASP.NET
• SQL Databases per subscription
• SQL Groups
• SQL Add-Ons
• Manage Database: View Info, Change Password, Resize and Delete
• SQL AlwaysOn Support
• Create Website with SQL Database
• Management Tasks: APIs and PowerShell Support
• SQL Usage reporting
SQL Server Hosting (SQL/MySQL) Features
Administrative Features
Server View
• Add and maintain SQL Hosting Servers & AlwaysOn Availability Group Listeners (AGL)
• Dashboard: View Total Space Utilization per Hosting Server
• List of all databases in a Server
SQL Group View
• Add and maintain Logical Groups for better maintainability
• Move Servers or AGLs between SQL Groups
• Type: Standalone vs. AlwaysOn enabled
Tenant Features
Database View
• Create and maintain databases as part of the subscription
• Create database against a SQL Database Edition available to subscription
• Manage Database: View Info, Change Password, Resize and Delete
• Subscribe to AddOns: Increase Database count and Size
• Usage summary per subscription: no. of databases and additional storage
Example : Service Bus Topics
[Diagram labels: Publisher; myTopic; messages A, B, C, D, E; myFirstSubscription; mySecondSubscription; SubscriptionRule Color=BLUE; Consumer 1; Consumer 2; Consumer 3]
Importing a Gallery Item
Download or author resource and extension packages
Import .ResextPkg into VMM
Verify Deployment dependencies
• VHD meets requirements
• Network
• Load Balancer
Import .ResdefPkg into Portal
Publish Gallery item to Plans
OSImage handling
• OSImage should be parameterized for maximum reuse across environments
  • Parameter allows user to select image (see Tags below)
• Tags
  • Viewdef – filters by Tags according to resext
  • Resext – Tags are application requirement
  • Guidance on "standard" tags – "WindowsServer2012", "Datacenter", ".NET4.5"
  • Deployment will be blocked if referenced image is not tagged to match RESEXT requirements
• Reference is "Name:Version"
  • "WindowsServer2012DatacenterENU:1.0.0.0"
  • Name and Version map to VMM VHD FamilyName and Release properties
  • Version must be n.n.n.n – VMM Release is a string
  • If OSImage is not parameterized, set FamilyName and Release accordingly
Configuring Virtual Machine Manager
• Cloud
  • Library share containing VHD is accessible to cloud
• Userrole
  • Tenant userrole has access to cloud
• Virtual Hard Disks
  • Configure Virtual Hard Disk FamilyName, Release and Tags accordingly – see OSImage slide
• Test in VMM using RESDEF
  • PowerShell only
  • Read RESDEF, construct RESCONFIG
  • Submit resdef and resconfig via PowerShell to create a virtual machine role
Deploying a Gallery Item
Portal reads Gallery Item VIEWDEF to build wizard and gather user input
Portal produces a Resource Configuration (RESCONFIG)
• Parameter Bindings for a single deployment
Portal creates a new Cloud Service or chooses existing
Portal calls SPF layer to deploy gallery item into Cloud Service using settings in the RESCONFIG
SPF reads RESDEF and calls VMM with RESDEF, RESCONFIG and Cloud Service
VMM combines RESCONFIG and RESDEF with referenced RESEXT to assemble deployment configuration
VMM deploys Virtual Machine Role instances into Cloud Services using RESCONFIG settings.
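A pre-deployment check for the binding chain and the OS image rule described above, as an added example that is not part of the original slides or of VMM. Assumptions: `[Param.X]` is resolved by plain text substitution, the library contents (including the `WindowsServer2012StandardENU` entry) are constructed, and the port check on `IISPort` is a hardening step added here because the value is typed `String` and ends up on a `cmd.exe` command line.

```python
import re

# Constructed sample data, trimmed from the slide's IIS_Demo artifacts.
RESEXT_TAGS = ["WindowsServer2012", "Datacenter"]      # OSVirtualHardDiskRequirements
RESEXT_PARAMS = "/q /c iisconfig.cmd [Param.IISPort]"  # ExecutableAndParams.Parameters
RESDEF_BINDINGS = {"IISPort": "[Param.IISPort]"}       # ResourceExtensionParameterValues
# Hypothetical VMM library VHDs keyed by (FamilyName, Release) -> Tags.
LIBRARY = {
    ("WindowsServer2012DatacenterENU", "1.0.0.0"):
        ["WindowsServer2012", "Datacenter", ".NET4.5"],
    ("WindowsServer2012StandardENU", "1.0.0.0"): ["WindowsServer2012"],
}
PARAM_REF = re.compile(r"\[Param\.(\w+)\]")


def resolve(text, values):
    """Substitute every [Param.X] in text; an unbound X is an error."""
    def sub(match):
        value = values.get(match.group(1))
        if value is None:
            raise ValueError("unbound parameter: " + match.group(1))
        return str(value)
    return PARAM_REF.sub(sub, text)


def image_problems(reference):
    """Reasons a 'Name:Version' OS image reference blocks deployment."""
    name, _, version = reference.partition(":")
    if not re.fullmatch(r"\d+\.\d+\.\d+\.\d+", version):
        return ["version is not n.n.n.n"]
    tags = LIBRARY.get((name, version))
    if tags is None:
        return ["no VHD with this FamilyName and Release"]
    return ["missing tag: " + t for t in RESEXT_TAGS if t not in tags]


def script_parameters(resconfig_values):
    """RESCONFIG values -> RESDEF bindings -> RESEXT script parameters."""
    ext_values = {k: resolve(v, resconfig_values)
                  for k, v in RESDEF_BINDINGS.items()}
    port = ext_values["IISPort"]
    # Accept only a decimal TCP port before it reaches the command line.
    if not (port.isascii() and port.isdigit() and 1 <= int(port) <= 65535):
        raise ValueError("IISPort is not a TCP port: %r" % port)
    return resolve(RESEXT_PARAMS, ext_values)
```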