Anda di halaman 1dari 59

My Azure Branch Office

- 21/MAI -

www.galileu.pt www.galileu.pt www.galileu.pt www.galileu.pt www.galileu.pt www.galileu.pt www.galileu.pt www.galileu.pt


FORMAÇÃO SERVIÇOS EDUCAÇÃO
AGENDA

• 19h00: Bem-vindos ao Braga Open Week

• 19h05: Workshop
1ª Parte: My Azure Branch Office

• 20h10: Coffee Break

• 20h30: Workshop
2ª Parte: My Azure Branch Office

• 21h30: Fim
ABOUT ME

• MCSE: Private Cloud


• MCSA: Office 365
• MCSA 2012: Windows Server 2012
• MCSA 2008: Windows Server 2008
• MCSE 2012: Server Infrastructure
Luis Lima
• Microsoft Certified Trainer
• Vmware Certified Professional 5.5
pt.linkedin.com/in/luisaalima • Information Security Foundation on ISO/IEC 27002
• Certified Ethical Hacker
• ITIL - Operational Support and Analysis
• PRIMERGY Senior Systems Engineer
• Online Storage Systems Engineer
Cloud Services
move save
faster money

The Cloud has changed how we work,


where we work and how we BYOD
do business.
goes
mainstream

integrate
on-premise
apps & scale on
data demand
PLATFORM AS A SERVICE
BUILDING BLOCKS TO TECHNOLOGY SOLUTIONS
COMPLIANCE

Information Effective Government


security controls & industry
standards certifications

ISO 27001 SOC 1 Type 2 FedRAMP/FISMA


SOC 2 Type 2 PCI DSS Level 1
UK G-Cloud
HIPAA/HITECH
CLOUD COMPUTING PATTERNS
MANAGE USING EXISTING TOOLS

Windows Intune

Macs X86/x64 Windows


AD Windows RT
Server 2008
R2
VPN Tunnel
Windows
Phone 8

iOS

Windows Windows Windows Windows Windows Android


Server 2012 Server 2008 Server 2003 Server 2012Server 2012

On Premises Azure Internet


AZURE HYBRID USAGE SCENARIOS

SQL DB Mirroring / AlwaysOn


80/443
VPN Tunnel

Fileservers

Web Based Applications


Cloud Service
THINK AND NOT OR

Virtualization

Identity Data
Platform

DevOps
Development
and mgmt
ESTIMATING CLOUD COSTS

http://www.windowsazure.com/en-us/pricing/calculator/
COST ESTIMATOR TOOL
Azure Networking
HYBRID CLOUD CONNECTIVITY

IP Address Space: 10.1.0.0/16 IP Address Space: 10.2.0.0/16


IP ADDRESSES
MICROSOFT AZURE VIRTUAL NETWORKS

Address spaces: 10.x, 172.16.x and 192.168.x


SUMMARY OF NETWORKING FEATURES

Input Endpoint Internal Endpoint


UDP
Loadbalancing for virtual machines
Custom load balancer probes

Name Resolution

Windows Azure Virtual Network


Windows Azure Traffic Manager
for Hybrid scenarios
DNS SCENARIOS

Azure DNS Resolution of INTERNAL


resources are defined per Cloud Service

One cloud service cannot resolve a SQL
SQL Analysis
Reporting SQL
Service
different cloud service by internal host Service Service

names

Local DNS
DC DNS
Open User Access
Web Tier (Website) VM Role
Active Directory SharePoint
FrontEnd VM Role
UI Process Components
VM Role SQL

SQL Mirroring
On-Premises VM Role
Active Directory Machine
Business Components &
Entities SharePoint
FrontEnd Search and
Active Directory Indes SQL
On-Premises Machine VM Role
SQL Service VM Role
SQL Service
Domain joined to On- Internet VM Role

Premises Network
VM’s
VIRTUAL MACHINES
AVAILABILITY & SERVICE LEVEL AGREEMENT
VIRTUAL MACHINE AVAILABILITY SETS
VIRTUAL MACHINE PORTABILITY
Azure Websites
AZURE WEBSITES FEATURES & CAPABILITIES

Enterprise-class Global scale Built for DevOps


Designed for secure mission-critical applications Optimized for Availability and Automatic scale Agility through Continuous Deployment

Hybrid Connections / VPN Support Automated Deployment Remote Debugging w/ Visual Studio
Scheduled Backup AutoScale Site Staging Slots
Azure Active Directory Integration Built-in Load Balancing Testing in Production
Site Resiliency, HA, and DR WW Datacenter Coverage Continuous Integration/Deployment
Web Jobs End Point Monitoring & Alerts Git, Visual Studio Online and GitHub
Role Base Access Control App Gallery App & Site Diagnostics
Audit / Compliance DR Site Support OS & Framework Patching
Enterprise Migration WildCard Support Site Extensions Gallery
Client Certs Dedicated IP address NET, PHP, Python, Node, Java
Redis Caching HTTP Compression Framework Installer
IP Restrictions/ SSL CDN Support for Websites Browser-based editing
Web Sockets Auto-Healing
SQL, MySQL, DocDB, & Mongo Logging and Auditing
Sticky Sessions
CUSTOMER SCENARIOS
HOW CUSTOMERS ARE USING A ZURE WEBSITES

Corporate Websites Enterprise Web Apps Digital Marketing


Microsoft backed business continuity Optimized for Performance and Automatic scale Agility through Continuous Deployment

.COM sites Employee/Partner apps Campaign sites


eCommerce sites Windows Server 2003R2 EOL Micro / Brand sites
Large events Hybrid Applications Social Media sites
MONITORING

37
HYPER SCALE
WEST US WEST EUROPE
INTELLIGENT CUSTOMER ROUTING WITH TRAFFIC
MANAGER

www.yourapp.com
Azure Backup / Recovery
BUSINESS CONTINUITY CHALLENGES
IMPACT OF DATA GROWTH ON BUSINESS CONTINUITY

Complexity of protecting data and applications

Too much data—often with insufficient protection

Long data-retention requirements

Time-intensive media management

Untested disaster recovery and decreasing recovery confidence

Higher costs as data size and number of virtual machines


increase
PROTECTION THAT EVOLVES WITH YOUR IT
IT SOLUTIONS ARE NOT SILOS—YOUR BUSINESS CONTINUITY
SOLUTIONS SHOULDN’T BE

Physical Virtual Hybrid Cloud Cloud


WINDOWS AZURE BACKUP

Backup datacenter data to Windows using


System Center Data Protection Manager
Backup and recover files/folders from
Windows Server 2012 SP1

Your On-Premises Datacenter

Benefits
Reliable offsite data protection
Simple, familiar, integrated
Efficient backup and recovery
Easy set up
BACKUP OVERVIEW

1 Sign up

2 Install
Agent 3 Register (Certificate)

Agent
Agent
4 Set policy
Agent Windows Server 5 Backup
2012 Data

Data
6 Recovery (same server)
Data
7 Recovery (alternate server)
SAFEGUARD YOUR APPLICATIONS
ON-PREMISES TO MICROSOFT AZURE PROTECTION WITH
AZURE SITE RECOVERY

Microsoft Azure Microsoft Azure


Site Recovery Site Recovery

Orchestration Orchestration
and replication and replication

InMage
Scout
2015

Primary Windows Primary VMware/


site Server site Physical
SQL
SQL SERVER CLOUD CONTINUUM

Hybrid
Shared
Lower cost

Azure SQL Database


Virtualized Databases

SQL Server in Azure VM


Virtualized Machines
Higher cost
Dedicated

SQL Server Private Cloud


Virtualized Machines

SQL Server
Physical Machines

High Control | High Maintenance Low Control | Low Maintenance


MICROSOFT AZURE VMS

VMs hosted on Microsoft Azure Infrastructure (“IaaS”)


• From Microsoft images or your own images
• Fast provisioning (~10 minutes)
• Accessible via RDP and Powershell

Pay per use


• Per minute (only when running)
• Cost depends on size and licensing
• Large discounts for MSDN subscribers!
• You can use your existing SQL licenses
• Network: only outgoing (not incoming)
• Storage: only used (not allocated)

Elasticity
• 1 core / 2GB mem / 1TB   16 cores / 112 GB mem / 16TB
SQL SERVER IN AZURE VMS

Many SQL versions supported


• SQL 2014 (Enterprise / Standard / Web)
• SQL 2012 (Enterprise / Standard / Web)
• SQL 2008 R2 (Enterprise / Standard / Web)

Optimized images
• Transactional Processing or Data Warehousing
• Implement multiple optimizations (e.g. storage pools with multiple disks, best stripe sizes, disk caching, SQL traceflags)

(Almost) 100% compatibility


• SQL Failover Clusters coming soon..
SQL SERVER IN AZURE VMS - DEPLOYMENT

Use a Gallery image Bring your Own Image


• Includes everything you need • Create a VHD (sysprep)
• Engine • Upload to your Azure Storage account
• Reporting Services • Provision VM from VHD
• Analysis Services
• Integration Services
• Management Studio

• Refreshed monthly with latest fixes


SQL SERVER IN AZURE VMS - MIGRATION

Use the Deployment Wizard (SQL Server 2014 Management Studio)


Can be used on previous SQL Server versions

Migrates a DB from on-premise to an existing/new Azure VM


1. Backup DB to a network share
2. Copy backup to Azure Storage
3. Provision new VM or select existing VM
4. Restore DB on VM
SQL SERVER IN AZURE VMS – BUSINESS
CONTINUITY

SQL Server High Availability


• Configure an AlwaysOn Availability Group between VMs in the same region
• Automatic failover on SQL/VM issues (~10 seconds)
• Easily configurable using AlwaysOn Portal Template
Witness

VM

S
P
S
P

VM VM
SQL SERVER IN AZURE VMS – BUSINESS
CONTINUITY

SQL Server Disaster Recovery


• Configure an AlwaysOn Availability Group between VMs in different regions
• Manual Failover (~15 seconds). Test it at any time!
• Using Internal Endpoints
Azure AD
IDENTITY CONSIDERATIONS: CLOUD, SYNC
OR FEDERATED?

Cloud identity provides a


 solution where all identity
resides in the cloud
 Identity sync enables
customers to bridge their
existing identity into the cloud
Federated identity allows
customers to retain all
authentication on-premises
B2B federated identity allows
  customers to securely share and
collaborate with each other
COMMON IDENTITY WITH SYNC AND FEDERATION

Synchronization

User attributes are synchronized including the


password hash, Authentication can be completed
*Write back of attributes to
against either Azure or Windows Server Active
support cloud first and co-existence
Directory

Federation

User attributes are synchronized,


AD FS provides conditional access Authentication is passed back through
to resources, Work Place Join for federation and completed against
device registration and integrated Windows Server Active Directory
Multi-Factor Authentication
*Coming Soon
SELECTION OF PRE-INTEGRATED SAAS APPS
BRAGA OPEN WEEK
PRÓXIMOS WORKSHOPS

• Workshop: A melhor amiga do Utilizador, a Experiência Interativa


22/Maio | 18h30 – 21h30 | FLAG

• Digital Marketing Conference


23/Maio | 9h00 – 17h30 | FLAG

Inscreva-se em: www.rumos.pt/bragaopenweek