2013 © Trivadis
BASEL BERN LAUSANNE ZÜRICH DÜSSELDORF FRANKFURT A.M. FREIBURG I.BR. HAMBURG MÜNCHEN STUTTGART WIEN
Microsoft Azure IaaS
Networking
Storage
Stefan Geiger
Gerry Keune
@trivadis.com
12.06.2014
IaaS, Networking, Storage
Agenda
1. Virtual Machines
2. Networking
3. Storage
Microsoft Azure Virtual Machines
Creation and use of virtual machines in the Cloud (truly IaaS)
Windows Server, Linux
Persistent VM roles
Bring your own or use Microsoft provided
- You update and maintain them !!!
Possible to host:
Active Directory, SharePoint, SQL Server and more…
99.95% SLA on single-instance
Connect to on-premise using Microsoft Azure Virtual Network
Virtual Machines Sizes
VM Size       CPU Cores   Memory    Bandwidth   # Data Disks
Extra Small   Shared      768 MB    5 Mbps      1
Small         1           1.75 GB   100 Mbps    2
Medium        2           3.5 GB    200 Mbps    4
Large         4           7 GB      400 Mbps    8
Extra Large   8           14 GB     800 Mbps    16
A6            4           28 GB     400 Mbps    8
A7            8           56 GB     800 Mbps    16
Microsoft Azure Virtual Machines
[Diagram: VHD (Gallery), VHD (User), VMs, Virtual Machine Management (Portal / REST API), RDP/SSH]
Grouping VMs
[Diagram: VMs in Cloud Service; VIP]
Load Balancing (VMs in Cloud Service)
[Diagram: VIP, Azure LB, Port 80, VMs in Cloud Service]
Virtual Machines Scenarios
Enterprise Application running in the Cloud
Test Environment and Development
Fast and cheap way to emulate
Private / Hybrid Cloud
Disaster Recovery
Demo Virtual Machines
Agenda
1. Virtual Machines
2. Networking
3. Storage
Overview
Application-Layer Connectivity & Messaging: Service Bus / Hybrid Connection
Data Synchronization: SQL Data Sync
Secure Site-to-Point Connectivity: Virtual Network
Secure Site-to-Site Network Connectivity: Virtual Network
IP-level connectivity
Virtual Network
Hybrid and Private Cloud scenarios
Connect On-Premise and Cloud applications
A private space dedicated to your company
Virtual Network uses IPsec to secure the connection between your datacenter (through its VPN gateway) and Microsoft Azure
Full control of the network topology
configure IP addresses
Upon creation, VMs can immediately be added to configured subnets
Virtual Network
Virtual Machines deployed into a virtual network have an infinite DHCP lease
Virtual Network VPN Device List
Generic VPN devices must support
IKE v1
AES 128, 256
SHA1, SHA2
Platform                                         OS Family            Examples
ASA 5500 Series (Adaptive Security Appliances)   ASA Software 8.4+    5505, 5550
ASR 1000 Series Aggregation Services Routers     IOS XE 2.1+          1002
ISR Series Integrated Services Routers           IOS 12.2+            2801, 2901, 2911
SRX Series Routers                               JunOS 10.2+          210, 650
J Series Routers                                 JunOS 9.4+           4350
ISG Series Routers                               ScreenOS 6.2+        SX2
SSG Series Routers                               ScreenOS 6.2+        550
Point to Site Connectivity
Provides network-level bridge between cloud and on-premises environments
Enables cross-premises connectivity
Simple setup and management
- No VPN device or network configuration required
Demo Point to Site Connectivity
Agenda
1. Virtual Machines
2. Networking
3. Storage
Azure Storage
High Accessibility and Scalability
Geo-location and replication support
Data is automatically partitioned and load balanced across servers
200 TB Data per account
Can CDN Enable Account
Blobs delivered via 24 global CDN nodes
Can co-locate storage account with compute account
Explicitly or using affinity groups
Storage Libraries in Many Languages
C#/.NET, Python, Perl, JavaScript, PHP and more…
REST/API
Azure Storage Abstractions
Storage Security
Azure Storage provides simple security for calls to the storage service
HTTPS endpoint
Digitally sign requests for privileged operations
Accounts protected by two independent 512-bit shared secret keys
Can be regenerated independently
More granular security via Shared Access Signatures
Ad-hoc
Policy based
Data Encryption must be managed by yourself !!!
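A simplified model of the key and Shared Access Signature bullets above, added here as an example and not taken from the slides or from Azure's SDK. The token layout, field names and the policy id `read-reports` are assumptions and do not match Azure's actual string-to-sign.

```python
import base64, hashlib, hmac, os

# Constructed sample state: two independent 512-bit (64-byte) account keys.
keys = {"primary": os.urandom(64), "secondary": os.urandom(64)}
# Server-side policies for policy-based tokens (hypothetical id).
policies = {"read-reports": {"perms": "r", "expiry": 2_000_000_000}}

def _sign(key, fields):
    # HMAC-SHA256 over the newline-joined fields (fields contain no newlines).
    msg = "\n".join(fields).encode()
    return base64.b64encode(hmac.new(key, msg, hashlib.sha256).digest()).decode()

def issue_adhoc(key_name, resource, perms, expiry):
    """Ad-hoc token: permissions and expiry live in the token itself."""
    fields = [resource, perms, str(expiry), ""]
    return {"res": resource, "perms": perms, "exp": expiry, "pol": "",
            "sig": _sign(keys[key_name], fields)}

def issue_policy(key_name, resource, policy_id):
    """Policy-based token: only references a server-side policy."""
    fields = [resource, "", "", policy_id]
    return {"res": resource, "perms": "", "exp": "", "pol": policy_id,
            "sig": _sign(keys[key_name], fields)}

def validate(token, want_perm, now):
    fields = [token["res"], token["perms"], str(token["exp"]), token["pol"]]
    # Accept a signature from either key, so one can be regenerated at a time.
    if not any(hmac.compare_digest(_sign(k, fields), token["sig"])
               for k in keys.values()):
        return False
    if token["pol"]:
        rule = policies.get(token["pol"])  # a deleted policy revokes the token
        if rule is None:
            return False
        perms, expiry = rule["perms"], rule["expiry"]
    else:
        perms, expiry = token["perms"], token["exp"]
    return want_perm in perms and now < expiry

def regenerate(key_name):
    """Rotate one key; tokens signed with the other key stay valid."""
    keys[key_name] = os.urandom(64)
```

In this model an ad-hoc token can only be revoked by regenerating the key that signed it, while a policy-based token is revoked by deleting its policy and leaving both keys untouched.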
Microsoft Azure Blob Storage
Account: roadshow
Container: images, videos
Blob: PIC01.jpg, PIC02.jpg, VID1.AVI
Pages/Blocks: Block/Page 1, Block/Page 2
http://<account>.blob.core.windows.net/<container>/<blobname>
Demo Storage Account
Thank You Q & A