Windows Azure for IT Pros
description
Transcript of Windows Azure for IT Pros
![Page 1: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/1.jpg)
Windows Azure for IT ProsKurt CLAEYS (TSP Windows Azure, Microsoft EMEA)
![Page 2: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/2.jpg)
“What IT pros need to know about Azure”
![Page 3: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/3.jpg)
Agenda
• Azure overview• Create a hybrid environment with Azure Virtual Network• Federated authentication with AD / ADFSv2 / ACS• Monitoring Azure roles with SCOM• VMRole
4
![Page 4: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/4.jpg)
• infrastructure as a service (hardware)• Servers available in the cloud
• platform as a service (developer) • Delivery of a OS for custom, cloud enabled apps• Support for service hosting and interoperability • Relational data storage in the cloud
• software as a service (end users) = BPOS• Exchange online• Sharepoint online• Dynamics CRM online
PAAS
IAAS
SAAS
![Page 5: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/5.jpg)
PAAS
![Page 6: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/6.jpg)
Virtual NetworkCompute Storage
Data Sync
Database Reporting
CachingService Bus
Access Control
![Page 7: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/7.jpg)
Create a hybrid environment with Azure Virtual Network
• Hybrid = Apps in Azure need to be able to communicate with on premises machines and vice versa.
• Virtual Network = enabling direct IP-based network connectivity between machines, abstracting where the machine are located.
• Scenarios :• Connect to an on-premises SQL Server database • Domain-join Windows Azure services to local Active
Directory
9
![Page 8: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/8.jpg)
Azure Virtual Network
Web/Worker VM Role
On PremiseMachine
Azure Connect Gateway
Azure Connect Gateway Azure Connect Gateway
Network policy managed through
portal :“which machine can access which
machine”
SQL Server
IPV6 address IPV6 address
IPV6 address
opening https outboundon firewall is enough !
Corporate FIREWALL
![Page 9: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/9.jpg)
DEMOAzure Virtual Network
![Page 10: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/10.jpg)
Azure AppFabric Access Control
• Helps you build federated authorization into your applications and services.
• Declarative model of rules and claims.• Supports different identity-management infrastructures.• Bridges• Active Directory identity stores on premises (ADFS v2)• Services using Windows Identity Framework
12
![Page 11: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/11.jpg)
Authentication – Authorization - Rules
Azure ACS
WebApp
Facebook ID
ADFS2
identity providers
Claims
Redirect loginauthorization
rules
authentication
![Page 12: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/12.jpg)
Federation of identities
My WebApp
contoso
AD
fabrikamAD
ADFSv2 ADFSv2
Claimset owned by contoso Claimset owned by fabrikam
My Claimset
Azure ACS
![Page 13: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/13.jpg)
DEMOADFS - ACS
![Page 14: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/14.jpg)
VMROLE
• Ability to upload your own customized WS2008R2 Enterprise images.• Full control over the OS image, install whatever you want on it.• You can remote desktop into the OS.
• Target scenarios :• Need to use apps/libraries with no unattended setup.• Dev/Test on premises ... Production on Azure.
• Scale out !• Instances are behind loadbalancer, one public IP per service.• No durability of OS image on hardware failure.
• With VM Role, the customer creates & maintains the OS.• Paying model = Paying model of current web/workerrole.• Uses differencing disks to upload deltas to image. 16
![Page 15: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/15.jpg)
virtual image
app
Azure
virtual image
app
Azure
app
development environment
Visual Studio
virtual image
app
development environment
Hyper-V
• Web/Worker Role• The virtual image is already there, ... you upload your
app, ... Azure places this app on the image and runs the image.
• VM Role• You upload the complete virtual image with all apps
installed, ... Azure runs the image
![Page 16: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/16.jpg)
+ Install W2008 R2
![Page 17: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/17.jpg)
![Page 18: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/18.jpg)
<?xml version="1.0" encoding="utf-8"?><ServiceDefinition name="DemoX" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition">
<VirtualMachineRole name="VMRole1" vmsize="Medium"> <Imports> <Import moduleName="Diagnostics" /> </Imports> <ConfigurationSettings> <Setting name="ConnString" /> </ConfigurationSettings> <Endpoints> <InputEndpoint name="Endpoint1" protocol="tcp" port="9876" localPort="12345" /> </Endpoints> </VirtualMachineRole></ServiceDefinition>
<?xml version="1.0" encoding="utf-8"?><ServiceConfiguration serviceName="DemoX" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration" osFamily="1" osVersion="*"> <Role name="VMRole1"> <Instances count="2" /> <ConfigurationSettings> <Setting name="Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString" value="UseDevelopmentStorage=true" /> <Setting name="ConnString" value="Foo" /> </ConfigurationSettings>
<OsImage href="baseimage.vhd" /> </Role></ServiceConfiguration>
![Page 19: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/19.jpg)
VMRole Lifecycle
• Create a .vhd in Hyper-V manager, install W2008 R2 as OS.• Install whatever roles, features and apps you want on it.• Turn of automatics updates.• Install Windows Azure VM Role Integration Components.• Run sysprep.exe and bring it down.• Upload the .vhd to Azure (needs a certificate).• Deploy a service configuration (Visual Studio, Managament
Portal or Management API PS commandlets).
21
![Page 20: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/20.jpg)
DEMOVMROLE
![Page 21: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/21.jpg)
System Center Operation Manager - Azure
• Management pack enables Operations Manager customers to monitor the availability and performance of applications that are running on Windows Azure.• Discovery of Windows Azure applications. • Status of each role instance. • Collection and monitoring performance information. • Collection and monitoring of Windows events. • Collection and monitoring of the .NET Framework trace
messages from each role instance. • Change the number of role instances.
23
![Page 22: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/22.jpg)
DEMOSCOM + Azure management pack
![Page 23: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/23.jpg)
Q&A
![Page 24: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/24.jpg)
Stay up to date with TechNet Belux
Register for our newsletters and stay up to date:http://www.technet-newsletters.be
• Technical updates• Event announcements and registration• Top downloads
Join us on Facebookhttp://www.facebook.com/technetbehttp://www.facebook.com/technetbelux
LinkedIn: http://linkd.in/technetbelux/
Twitter: @technetbelux
Download MSDN/TechNet Desktop Gadget
http://bit.ly/msdntngadget
![Page 25: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/25.jpg)
TechDays 2011 On-Demand
• Watch this session on-demand via TechNet Edge http://technet.microsoft.com/fr-be/edge/
http://technet.microsoft.com/nl-be/edge/• Download to your favorite MP3 or video player• Get access to slides and recommended resources by the speakers
![Page 26: Windows Azure for IT Pros](https://reader034.fdocuments.in/reader034/viewer/2022051517/56815a62550346895dc7a27b/html5/thumbnails/26.jpg)
THANK YOU