If you don’t have access to Azure, set up free trial now.
Azure.com/free
http://softchoiceimbc.azurewebsites.net
Wi-Fi:
MSFTguestEvent Attendee
Code:
mseventxx
SA NAME
Sr. Microsoft Solutions Architect
Softchoice
https://www.linkedin.com/in/
SE NAME
Sr. Microsoft Systems Engineer
Softchoice
https://www.linkedin.com/in/
AGENDA
8:30 Registration and Breakfast
9:00 Introductions
9:15 Lab 0 – Gain Access to the Azure Portal
9:30 Azure Concepts
10:30 Break
10:45 Lab 1: Deploy an Azure Availability Set
11:15 What about database?
12:00 Working Lunch and Lab 2: Deploy an Azure database
1:00 Deploy an Azure Scale Set
1:30 Cloud Native Services
2:00 Lab 4: Deploy Azure Front Door
2:15 Break
2:30 Disaster Recovery
3:00 Security
12:30 Building Scale in Azure
3:30 Lab 5: Costing the Solution
4:00 Demo: Fully Automated Azure Deployment
4:30 Bringing it all together and wrap up
TODAY’S GOAL
Give you the understanding of the
baseline skills required to architect, cost
and deploy Highly Available and
Scalable infrastructure in Azure.
TODAY’S TOPIC
THE CIO TASKS YOU WITH THIS STATEMENT:
“We need to make our website more resilient
in Azure by End of Week”
It’s Thursday morning, what do you do?
LAB 0
Setting up an Azure Trial Tenant: (Credit Card is Required)
https://azure.microsoft.com/en-us/free/
https://azure.microsoft.com/en-us/offers/ms-azr-0044p/
Don’t want to set up an Azure Trial Tenant, or you want to keep building your knowledge in Azure:
https://www.microsoft.com/handsonlabs
Concerned about charges: https://docs.microsoft.com/en-us/azure/billing/billing-avoid-charges-free-account
Goal: Gain access to https://portal.azure.com/#home
CLOUD DE-MYSTIFIED
WHAT IS THE CLOUD?
\kloud\ noun
the practice of storing regularly used computer
data on multiple servers that can be accessed
through the Internet
WHAT IS THE CLOUD, REALLY?
a powerful way of
transforming your business
WHAT WE ARE SEEING IN THE INDUSTRY
CLOUD MATURITY
CLOUD ADOPTION OVER TIME
GETTING STARTED
• First workloads
• Usually IaaS
migrations
• Low optimization
through use of PaaS
TECHNOLOGY
OPTIMIZATION
• Deployment
Automation
• Building new cloud
workloads
• Adopting PaaS
• Azure Services are
all Optimized
CLOUD NATIVE
• Automation of
business processes
• Focused on time to
value reduction
• Optimization of IT
and Dev Operations
(DevOps)
ADVANCED
INTERMEDIATE
EMERGING
Clients are going through a cloud
maturity curve from no cloud to
advanced cloud usage models
A key driver of the move up this
maturity curve is optimization of
technology costs
Goal is to maximize business
effectiveness of technology
CLOUD MIGRATION DRIVERS
Data center
consolidation
Acquisitions or
divestitures
Agility/Dev
productivity
Large scale compute
intensive workloads
Innovation &
digital transformation
Cost
reduction
Facility or real
estate decisions
Co-location or outsourcing
contract changes
CLOUD MATURITY MODEL
EXISTING APPS
ON-PREM
LIFT AND
SHIFT
CLOUD
OPTIMIZED
APP
MODERNIZED
Lift & Shift Minimal
code-changes
Architected for the cloud
modernized/refactor/rewrite
MODERNIZED APPS LEVERAGE SERVERLESS
No servers to provision or manage
Never pay for idle time
Scales with usage
Availability and fault tolerance built in
PIZZA as a SERVICE
Drinks
Table
Oven
Toppings
Sauce
Dough
MADE AT HOME
Drinks
Table
Oven
Toppings
Sauce
Dough
TAKE AND BAKE
Drinks
Table
Oven
Toppings
Sauce
Dough
DELIVERY
Drinks
Table
Oven
Toppings
Sauce
Dough
DINING OUT
ON-PREMISES IaaS PaaS SaaS
You provide Vendor provides
HIGH AVAILABILITY
Adding redundant systems to
ultimately increase reliability. Often
defined in terms of 9s and based
on service provider’s Service Level
Agreement (SLA)
HIGH AVAILABILITY BY THE 9’S
Acceptable Compromise
99.5% = 1d 19h 49m
AVAILABILITY – ALLOTTED DOWNTIME PER YEAR
AVAILABILITY    TIME NOT AVAILABLE PER YEAR
99% 3d 15h 40m
99.9% 8h 46m
99.95% 4.38h
99.99% 52m 36s
99.999% 5m 15s
SERVICE LEVEL AGREEMENT (SLA)
TAKE VIRTUAL MACHINES AS AN EXAMPLE:
For all Virtual Machines that have two or more instances deployed across two or more Availability Zones
in the same Azure region, we guarantee you will have Virtual Machine Connectivity to at least one
instance at least 99.99% of the time. 5.26 minutes a year
For all Virtual Machines that have two or more instances deployed in the same Availability Set, we
guarantee you will have Virtual Machine Connectivity to at least one instance at least 99.95% of the
time. 4.38 hours a year
For any Single Instance Virtual Machine using premium storage for all Operating System Disks and Data
Disks, we guarantee you will have Virtual Machine Connectivity of at least 99.9%. 8.76 hours a year
AVAILABILITY IS DEFINED BY THE OUTCOME OF ARCHITECTURE
https://azure.microsoft.com/en-us/support/legal/sla/
1.6 million miles of fiber
Terrestrial Network
Subsea Network
Edge Node
CDN Locations
Datacenter
Internet Exchange
AZURE GEOGRAPHIES
DEFINITION:
A geography is a discrete market, typically containing
two or more regions, that preserves data residency and
compliance boundaries.
Geographies allow customers with specific data-residency
and compliance needs to keep their data and applications
close. Geographies are fault-tolerant to withstand complete
region failure through their connection to our dedicated
high-capacity networking infrastructure.
AZURE REGION
DEFINITION:
A region is a set of datacenters deployed within a latency-
defined perimeter and connected through a dedicated
regional low-latency network.
For all Virtual Machines that have two or more instances
deployed across two or more Availability Zones in the same
Azure region, we guarantee you will have Virtual Machine
Connectivity to at least one instance at least 99.99% of the
time. 5.26 minutes a year
REGIONS PAIRED FOR GEO-REDUNDANCY
Geo replication
Designed for high data availability, resiliency against regional disasters
Geo-replicated data still within national boundaries for 8 countries
AVAILABILITY ZONE
DEFINITION:
Availability Zones are physically separate locations within
an Azure region. Each Availability Zone is made up of one
or more datacenters equipped with independent power,
cooling, and networking.
Availability Zones allow customers to run mission-critical
applications with high availability and low-latency replication.
For all Virtual Machines that have two or more instances
deployed across two or more Availability Zones in the same
Azure region, we guarantee you will have Virtual Machine
Connectivity to at least one instance at least 99.99% of the
time. 5.26 minutes a year
HIGH AVAILABILITY SOLUTION – SINGLE SITE
MySQL
APP TIER
WEB TIER
PHP PHP
DB TIER
HYPERVISOR
VMWare ESX
On-Premises (London)
Linux Apache
Linux Apache
HIGH AVAILABILITY SOLUTION – MULTI REGION
DATA RESIDENCY BOUNDARY
REGION 1 REGION 2
Achieve full resiliency with data residency
Pair region and Availability Zones
within the same data residency
boundary for high availability,
disaster recovery, and backup
AVAILABILITY SET
DEFINITION:
A group with two or more virtual machines in the same
Data Center is called Availability Set, this ensures that at
least one of the virtual machines hosted on Azure will be
available if something happens.
Behind the scenes an availability set is a kind of clustering
with hot sync between VMs.
For all Virtual Machines that have two or more instances
deployed in the same Availability Set, we guarantee you will
have Virtual Machine Connectivity to at least one instance
at least 99.95% of the time. 4.38 hours a year of downtime
SINGLE INSTANCE
VIRTUAL MACHINE (VM)
For any Single Instance Virtual Machine using premium
storage (Managed Disks) for all Operating System Disks and
Data Disks, we guarantee you will have Virtual Machine
Connectivity of at least 99.9%. 8.76 hours a year of
downtime
BUILD OUT THE SCENARIO
OUR SCENARIO:
For all Virtual Machines that have two or more instances
deployed in the same Availability Set, we guarantee you will
have Virtual Machine Connectivity to at least one instance
at least 99.95% of the time. 4.38 hours a year
Your manager said this: “We need to make our website
more resilient in Azure by End of Week”
After some research you learn that the organization
is bound by an uptime requirement of 99.95%.
LAB 1: SETUP AZURE AVAILABILITY SET FOR YOUR APPLICATION
http://softchoiceimbc.azurewebsites.net
15 minute break
30 minutes to complete
HAVE YOU HEARD THE NEWS?
Support for Windows Server 2008 and Windows
Server 2008 R2 ends soon
Learn more about the Windows Server support lifecycle: support.microsoft.com/lifecycle/
2017 2018 2019 2020 2021 2022 2023
Windows Server
2008 and 2008 R2
Windows Server
2012
Windows Server
2016
Mainstream Support Ends January 2018
Mainstream Support Ends January 2021
Extended Support Ends January 2023
Extended Support Ends January 2026
Extended Support Ends January 14, 2020
WHAT DOES THIS MEAN?
SQL 2008/R2 Support WILL END in July 2019
NO SECURITY
UPDATES
There will be no
access to critical security
updates, opening the
potential for business
interruptions
COMPLIANCE
CONCERNS
As support ends, your
organization will likely
fail to meet regulatory
standards compliance
(GDPR and others)
HIGHER
MAINTENANCE COSTS
Maintaining legacy
servers, firewalls,
intrusion systems, etc.
gets expensive
quickly
DATA PLATFORM CONTINUUM
SHARED
LOWER COST
DEDICATED
HIGHER COST
HIGHER ADMINISTRATION
ON PREMISES   HYBRID CLOUD   OFF PREMISES
LOWER ADMINISTRATION
PLATFORM AS A
SERVICE
SOFTWARE AS
A SERVICE
SQL Server
Physical Machines (raw iron)
SQL Server Private Cloud
Virtualized Machines + Appliances
PHYSICAL
SQL Server in Azure VM
Virtualized Machines
VIRTUAL
Azure SQL Database
Virtualized Databases
INFRASTRUCTURE
AS A SERVICE
THE “EVOLUTION” OF DATA PLATFORMS
ON-PREMISES
• What media should I use to keep backup?
• What size of servers should I buy?
• How can I scale my database?
• Do I need secondary network connection?
• Are my servers in a secure location?
• Who has physical access to my servers?
• It takes how long to provision a new server?
• How often should I patch my servers?
• What happens if the power goes out?
• Who monitors my Servers?
• How many servers do I need?
• Which OS should I use?
• Do I need a UPS?
• What storage I need to use?
• How can I increase server utilization?
• What is the right size of servers for my business needs?
• Which packages should be on my server?
• Who monitors my database?
• What happens in case of server hardware failure?
• How often should I backup my server?
THE “EVOLUTION” OF DATA PLATFORMS
ON-PREMISES IAAS
• What is the right size of servers for my business needs?
• How can I increase server utilization?
• How many servers do I need?
• How can I scale my database?
• How often should I patch my servers?
• How often should I backup my server?
• When should I upgrade my database?
• How do I deploy new databases to my server?
• Which OS should I use?
• Who monitors my database?
THE “EVOLUTION” OF DATA PLATFORMS
ON-PREMISES IAAS PAAS
• What is the right size of “servers” for my business needs?
• How can I increase “server” utilization?
• How can I scale my database?
AZURE SQL DATABASE
A relational database-as-a-service (“PaaS”), fully managed by Microsoft.
Note: New features will be in SQL Database before SQL Server!
• Self-service restore
• Disaster recovery
• Compliance-enabled
• Familiar & compatible
• Programmatic
• Self-managed
FAMILIAR & SELF-MANAGED
• Predictable performance levels
• Programmatic scale-out
• Dashboard views of DB metrics
ELASTIC SCALE & PERFORMANCE
BUSINESS CONTINUITY & DATA PROTECTION
For cloud-designed apps when near-zero administration and enterprise-grade capabilities are key.
Perfect for organizations looking to dramatically increase the DB:IT ratio.
AZURE SQL DATABASE MANAGED INSTANCE
BEST FOR MODERNIZATION
Managed Instance
Instance scoped programming model with high
compatibility to on-premises databases
Single
Standalone managed database best for
predictable and stable workloads
Elastic pool
Shared resource model best for greater
efficiency through multi-tenancy
AZURE SQL DATABASE SLA’S
AZURE SQL Database Business Critical or Premium tiers configured as Zone Redundant
Deployments have an availability guarantee of at least 99.995%. 26.18 minutes a year
AZURE SQL Database Business Critical or Premium tiers not configured for Zone Redundant
Deployments, General Purpose, Standard, or Basic tiers, or Hyperscale tier with two or more replicas
have an availability guarantee of at least 99.99%. 52.6 minutes a year
AZURE SQL Database Hyperscale tier with one replica has an availability guarantee of at least
99.95% and 99.9% for zero replicas. 4.38 hours a year
EASY MIGRATION:
Nearly 100% like SQL Server
• CLR modules
Supports compatibility modes (SQL Server 2005+), Instance sizes up to 8TB
Data migration
• Native backup/restore
• Log shipping (DMS)
Programmability
• Global temp tables
• Cross-database
queries and
transactions
• Linked servers
Security
• TDE
• SQL Audit
• Row level security
• Always Encrypted
Operational
• DMVs & XEvents
• Query Store
• SQL Agent
• DB Mail
(external SMTP)
Scenario enablers
• Service Broker
• Change Data Capture
• Transactional Replication
AZURE SQL DATABASE HYPERSCALE
Adapts on-demand to your workload’s needs, auto-scaling
up to 100TB per database.
BEST FOR VLDB workloads with highly scalable storage and read-scale requirements, optimized for OLTP and HTAP workloads.
Reliable and available
• Multiple levels of redundancy
• No single points of failure
• 99.99% availability
Scalable
• Auto-scales quickly up to
100TB
• Data size and cores
scale independently
• No size of data operations
High performance
• Low latency, high throughput
for large databases
• Snapshot-based backups – no
impact on query performance
• Rapid database restore
More choices and full integration into Azure’s ecosystem and services
AZURE DATABASE SERVICES FOR MYSQL, POSTGRESQL, AND MARIADB
Managed community
MySQL, PostgreSQL,
and MariaDB
Languages and
frameworks
of your choice
Scale in seconds
with built-in high
availability
Secure and
compliant
Industry-leading
global reach
EASY LIFT AND SHIFT ENTERPRISE READY
THE MODERN DATA ESTATE
Reason over any data, anywhere
Security and privacy
Flexibility of choice
ON-PREMISES
Private cloud
Operational databases
Data warehouses
Data lakes
CLOUD
Operational databases
Data warehouses
Data lakes
HYBRID
THE MODERN DATA ESTATE
Reason over any data, anywhere
Security and privacy
Flexibility of choice
Any language, any platform, anywhere
More certifications than any other cloud
AI built-in
AZURE DATA SERVICES
DATA WAREHOUSES
2x the global reach
Azure SQL Data Warehouse
DATA LAKES
99.9% SLA
Azure Data Lake, HDInsight
OPERATIONAL DATABASES
70% faster than competition
Azure SQL Database
Industry leading SLAs
Azure Cosmos DB
THE MODERN DATA ESTATE
Reason over any data, anywhere
Security and privacy
Flexibility of choice
Any language, any platform, anywhere
VNet isolation
Insight across your data estate
DATA WAREHOUSES
DATA LAKES
OPERATIONAL DATABASES
Easiest lift & shift with no code changes
Stretch on-premises data to cloud
HYBRID
Cloud DR and backup
Hybrid use rights for best TCO
WEIGHING YOUR OPTIONS
Is it time to move to the cloud?
REFACTOR, REARCHITECT,
OR REBUILD
By migrating to cloud you can
take advantage of extended
support for 2008 in Azure
REHOST
Migrate Windows Server and
SQL Server 2008 and 2008 R2
workloads to Azure VM
MIGRATE OR
UPGRADE
Upgrade to Windows Server
2016 and SQL Server 2017 and
get cloud and DevOps ready
TRANSFORM WITH AZURE OR AWS ON-PREMISES
Public Cloud Accelerator SQL Accelerator
OPTIMIZE WITH A MODERN DATA PLATFORM
Easy lift and shift
to the cloud
Modernize to
SQL Server 2017
SQL Server 2017
Linux or Windows
Unmatched performance
Most secure
Azure Database Services
Existing
deployments
Running on:
SQL Server 2008+
Oracle 9.3+
MySQL
Azure Database for
MySQL + PostgreSQL
Elastic scale without downtime
MySQL + PostgreSQL
compatibility
Azure SQL Data Warehouse
Elastic scale without downtime
Threat detection, pause compute
Azure SQL Database
Elastic scale without downtime
Threat Detection, self-tuning
Azure Cosmos DB
Turnkey global distribution
APIs for MongoDB, Graph,
Tables
Intelligence built-in (R, Python)
Mobile BI
Leading TCO
EASY LIFT AND SHIFT TO THE CLOUD
LIFT AND SHIFT SQL SERVER DBS WITHOUT APP REDESIGN
SQLAgent, 3 part name, CLR, Log shipping, Transaction Replication, CDC, Service broker
Ensure security and Azure VNet isolation
Move your entire fleet at once
Database Migration Services (DMS)
Use existing SQL Server licenses
VNet
BUILD OUT THE SCENARIO
YOUR MANAGER SAID THIS:
“We need to make our website more resilient in Azure by End of Week”
After some research you learn that the organization is bound by an
uptime requirement of 99.95%.
OUR SCENARIO:
We will deploy an Azure SQL Database. Azure SQL Database Hyperscale tier with
one replica has an availability guarantee of at least 99.95%. 4.38 hours a year
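The scenario's SLA figures can be combined to check the end-to-end number against the 99.95% requirement. The Python below is an added example, not part of the workshop material; it assumes the tiers fail independently and that the website needs every tier to be up, so availabilities multiply. The tier labels are illustrative, and the SLA percentages are the ones quoted on these slides.

```python
from dataclasses import dataclass

HOURS_PER_YEAR = 365 * 24  # 8760, the basis behind "99.95% = 4.38 hours a year"
EPSILON = 1e-9             # tolerance when comparing floating-point percentages


@dataclass(frozen=True)
class Tier:
    name: str           # illustrative label, not an Azure resource name
    sla_percent: float  # SLA percentage as quoted on the slides


def composite_percent(tiers):
    """Availability of tiers in series. Assumption: failures are independent
    and the site is up only when every tier is up."""
    fraction = 1.0
    for tier in tiers:
        fraction *= tier.sla_percent / 100.0
    return fraction * 100.0


def downtime_hours_per_year(percent):
    """Allotted downtime per year for an availability percentage."""
    return (1.0 - percent / 100.0) * HOURS_PER_YEAR


def meets(tiers, required_percent):
    """True when the chained tiers reach the required availability."""
    return composite_percent(tiers) + EPSILON >= required_percent


def evaluate(options, required_percent):
    """One summary row per candidate architecture."""
    rows = []
    for label, tiers in options.items():
        pct = composite_percent(tiers)
        rows.append({
            "option": label,
            "composite_percent": round(pct, 4),
            "downtime_hours": round(downtime_hours_per_year(pct), 2),
            "meets_requirement": meets(tiers, required_percent),
        })
    return rows


REQUIRED = 99.95  # uptime requirement from the scenario

# Two stacks built only from SLA figures that appear in this deck.
OPTIONS = {
    "Lab 1 + Lab 2": [
        Tier("web VMs in an Availability Set", 99.95),
        Tier("SQL Database Hyperscale, one replica", 99.95),
    ],
    "Zone redundant": [
        Tier("web VMs across Availability Zones", 99.99),
        Tier("SQL Database Business Critical, zone redundant", 99.995),
    ],
}

if __name__ == "__main__":
    for row in evaluate(OPTIONS, REQUIRED):
        print(row)
```

Each tier meets 99.95% on its own, but the chained web and database tiers only do so in the zone-redundant option.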
LAB 2: DEPLOY AZURE DATABASE
http://softchoiceimbc.azurewebsites.net
30 minutes for lunch
30 minutes for the lab
ELASTICITY AND SCALABILITY
SCALABILITY
Includes the ability to increase workload size within existing
infrastructure without impacting performance.
EXAMPLE – We are out of capacity and need to grow the application
ELASTICITY
Includes the ability to dynamically increase or decrease workload
size within existing infrastructure without impacting performance.
EXAMPLE – There is a seasonal spike and we need to be ready
AZURE AUTOSCALE
Azure Monitor Autoscale is a built-in feature of certain Azure services that helps
applications perform their best as demand changes. (supported in IaaS, PaaS, SaaS)
AZURE AUTOSCALE APPLIES ONLY TO:
Virtual Machine Scale Sets
Cloud Services
App Service - Web Apps
API Management services
KEY SCENARIOS:
Maximize app responsiveness
Scale by any metric
Anticipate load with different schedules
Save money by not wasting servers
Dev-test at day, shut down at night
AZURE SCALE SET
Azure virtual machine scale sets let you
create and manage a group of identical,
load balanced VMs (IaaS).
The number of VM instances can automatically increase
or decrease (Elasticity) in response to demand or a defined
schedule. Scale sets provide high availability to your
applications, and allow you to centrally manage, configure,
and update a large number of VMs.
With virtual machine scale sets, you can build large-
scale services for areas such as compute, big data,
and container workloads.
AZURE SCALE SET (CONTINUED)
Why use virtual machine scale sets?
To provide redundancy and improved performance, applications
are typically distributed across multiple instances.
KEY SCENARIOS:
Easy to create and manage multiple VMs
Provides high availability and application resiliency
Allows your application to automatically scale as resource demand changes
Works at large-scale
BUILD OUT THE SCENARIO
YOUR MANAGER SAID THIS:
“We need to make our website more resilient in Azure by End of Week”
Your website is impacted by seasonality. Your peak season starts in 2 weeks.
OUR SCENARIO:
We will deploy a Scale Set for the Website VMs. The database we just built will
leverage a PaaS solution with scale and elasticity enabled.
Moving beyond traditional on-premise models in the cloud
We just spent a few hours looking at building out HA and scale leveraging the traditional IaaS model.
Now let's look at what adopting some cloud native PaaS and SaaS services would look like for your webserver/application.
These services can be deployed in a Hybrid Mix of
services and we will just outline a few of the most
popular or common architectural options for a website
LOAD BALANCING SERVICES IN AZURE
Azure has four cloud native services for load balancing.
Traffic Manager
Load Balancer
Azure Front Door (NEW)
Application Gateway
AZURE APPLICATION GATEWAY
Azure Application Gateway is a web traffic
load balancer that enables you to manage
traffic to your web applications. This can
perform these duties on-premises as well
as in the cloud.
AZURE TRAFFIC MANAGER
Azure Traffic Manager is a DNS-based
traffic load balancer that enables you to
distribute traffic optimally to services across
global Azure regions, while providing high
availability and responsiveness. This can
perform these duties on-premises as well as
in the cloud.
AZURE LOAD BALANCING
With Azure Load Balancer, you can scale your
applications and create high availability for your
services. Load Balancer supports inbound and
outbound scenarios, provides low latency and
high throughput, and scales up to millions of
flows for all TCP and UDP applications.
LOAD BALANCING SERVICES EXAMPLE
In this example scenario, we use a simple website that serves two types of content: images and
dynamically rendered webpages. The website must be geographically redundant, and it should serve
its users from the closest (lowest latency) location to them. The application developer has decided
that any URLs that match the pattern /images/* are served from a dedicated pool of VMs that are
different from the rest of the web farm.
Additionally, the default VM pool serving the dynamic content needs to talk to a back-end
database that is hosted on a high-availability cluster. The entire deployment is set up through
Azure Resource Manager.
LOAD BALANCING SERVICES ARCHITECTURE
Image Server Pool Image Server Pool
Load Balancer
Database tier
Web tier
/images/* Other requests
AppGW
Image Server Pool Image Server Pool
Load Balancer
Database tier
Web tier
/images/* Other requests
AppGW
TRAFFIC
MANAGER
REGION 1 REGION 2
AZURE FRONT DOOR
Azure Front Door Service enables you to define, manage, and
monitor the global routing for your web traffic by optimizing
for best performance and instant global failover for high
availability. With Front Door, you can transform your global
(multi-region) consumer and enterprise applications into
robust, high-performance personalized modern applications,
APIs, and content that reach a global audience with Azure.
Simply – Azure Front Door leverages Application Gateways,
Traffic Manager, Web Application Firewall, and Load
Balancer all back ended by Azure Application Insights to
provide actionable metrics.
BRAND
NEW
STATIC WEBHOSTING IN AZURE STORAGE
You can serve static content (HTML, CSS,
JavaScript, and image files) directly from a
storage container named $web.
Hosting your content in Azure Storage enables
you to use serverless architectures that include
Azure Functions and other Platform as a service
(PaaS) services.
AZURE FUNCTIONS
Azure Functions is a solution for easily running
small pieces of code, or “functions,” in the cloud.
You can write just the code you need for the
problem at hand, without worrying about a whole
application or the infrastructure to run it.
Functions can make development even more
productive, and you can use your development
language of choice, such as C#, Java, JavaScript,
Python, or PHP. Pay only for the time your code
runs and trust Azure to scale as needed.
Azure Functions lets you develop serverless
applications on Microsoft Azure.
AZURE APP SERVICE
Azure App Service is an HTTP-based service for
hosting web applications, REST APIs, and mobile back
ends. You can develop in your favorite language, be it
.NET, .NET Core, Java, Ruby, Node.js, PHP, or Python.
Applications run and scale with ease on both Windows
and Linux-based environments.
AZURE CONTENT DELIVERY NETWORK - CDN
Azure Content Delivery Network (CDN) is a global
CDN solution for delivering high-bandwidth content.
It can be hosted in Azure or any other location.
With Azure CDN, you can cache static objects loaded
from Azure Blob storage, a web application, or any
publicly accessible web server, by using the closest
point of presence (POP) server.
CDN BENEFITS
Better performance and improved user experience for
end users, especially when using applications in which
multiple round-trips are required to load content.
Distribution of user requests and serving of content
directly from edge servers so that less traffic is sent
to the origin server.
Large scaling to better handle instantaneous high
loads, such as the start of a product launch event.
IN SUMMARY
As you can see there are multiple cloud native services
that you can leverage to add scale and resiliency
to your website/applications and these services are
typically more cost effective than the same build out
using IaaS technologies with better SLAs.
DISASTER RECOVERY & BUSINESS CONTINUITY
BUSINESS CONTINUITY planning (or business continuity
and resiliency planning) is the process of creating systems of prevention
and recovery to deal with potential threats to a company. ...As such, BCP is
a subset of risk management.
A DISASTER RECOVERY PLAN (DRP) is a documented
process or set of procedures to recover and protect a business IT infrastructure
in the event of a disaster. Such a plan, ordinarily documented in written form,
specifies procedures an organization is to follow in the event of a disaster.
DISASTER RECOVERY
RECOVERY TIME OBJECTIVE (RTO)
The recovery time objective is the targeted duration of time and a service level
within which a business process must be restored after a disaster (or
disruption) in order to avoid unacceptable consequences associated with a
break in business continuity. How long will recovery take?
RECOVERY POINT OBJECTIVE (RPO)
A Recovery Point Objective is defined by the age of files that must be recovered
from backup storage for normal operations to resume if a computer, system,
or network goes down as a result of a hardware, program, or communications
failure. How much data can you handle losing? Time between backups.
DISASTER RECOVERY as a SERVICE
AZURE SITE RECOVERY
Prevent downtime from disrupting your business
Simple, automated disaster recovery from the cloud to protect applications
Provides application-consistent recovery of critical workloads
Leverage current investments
Orchestrate one-click recovery even
for complex multi-tier applications
Ensure more applications meet your compliance requirements
On-premises/cloud Datacenter
Production Environment
Downtime
Automated
Policy-based
Orchestrated
Encrypted
Azure
App n
Exchange SAP
SharePoint
APPLICATION DR WITH ASR
DB Tier
App Tier
Web Tier
Active Directory
PRIMARY SITE AZURE
ASR REPLICATION
AZURE SITE RECOVERY
Azure Storage
ASR REPLICATION
ASR REPLICATION
APPLICATION DR WITH ASR
DB Tier
App Tier
Web Tier
Active Directory
PRIMARY SITE
IaaS VM
IaaS VM
AZURE
S2S VPN
AD & ASR REPLICATION
ASR REPLICATION
SQL AVAILABILITY GROUP
Azure Storage
AZURE SITE
RECOVERY
High availability
When your applications
have a catastrophic failure, run a second instance
Disaster recovery
When your applications have a
catastrophic failure, run them in Azure or a secondary datacenter
Backup
When your data is
corrupted, deleted or lost you can restore it
BUSINESS CONTINUITY STRATEGY
YOU NEED ALL THREE
Secondary site  Primary site  Primary site
DATA DATA
Original Backup
DECISION TIME
Understand what you need for High Availability based on the architecture that provides the necessary SLA.
Understand the Disaster Recovery Scenario that will protect you based on the business RTOs and RPOs
These data points will define the complete architecture
Securing Privileged Access
Office 365 Security
Rapid Cyberattacks (Wannacrypt/Petya)
Office 365
Dynamics 365
+Monitor
Azure Sentinel – Cloud Native SIEM and SOAR (Preview)
SQL Encryption &
Data Masking
Data Loss
Protection
Data Governance
eDiscovery
SECURITY CENTER
Azure Security Center provides unified
security management that helps you prevent,
detect, and respond to threats and vulnerabilities
by giving you increased visibility into, and control
over, the security of your Azure resources.
AZURE SECURITY CENTER:
HOW IT WORKS
When you activate Security Center, a monitoring agent
is deployed automatically into Azure virtual machines.
Security Center begins assessing the security state of
all your VMs, networks, applications, and data.
Azure Security Center stores that data in Azure
Log Analytics.
Azure Security Center analytics engines analyze the
data and machine learning synthesizes it. Security
Center provides recommendations and threat alerts
for protecting your workloads.
AZURE SECURITY:
CLOUD SECURITY POSTURE MANAGEMENT
Security Center provides you with a bird’s eye security
posture view across your Azure environment, enabling
you to continuously monitor and improve your security
posture using the Azure secure score.
Security Center helps you identify and perform the
hardening tasks recommended as security best
practices and implement them across your machines,
data services, and apps.
This includes managing and enforcing your security
policies and making sure your Azure Virtual Machine
instances, non-Azure servers, and Azure PaaS
services are compliant.
AZURE SECURITY:
CLOUD WORKLOAD PROTECTION
Security Center’s threat protection enables you
to detect and prevent threats at the infrastructure-as-a-
service (IaaS) layer as well as in platform-as-a-service
(PaaS) resources like Azure IoT and Azure App Service
and on-premises virtual machines.
Key features of Security Center threat protection
include config monitoring, server endpoint detection
and response (EDR), application control, and network
segmentation, and it is extending to support container and
serverless workloads.
AZURE SECURITY:
DATA SECURITY
Security Center includes capabilities that
identify breaches and anomalous activities
against your SQL databases, data warehouse,
and storage accounts.
Security Center helps you perform automatic
classification of your data in Azure SQL database.
AZURE SECURITY:
SHARED RESPONSIBILITIES
RESPONSIBILITY ZONES
Legend: Microsoft, Customer
Columns: Responsibility, SaaS, PaaS, IaaS, On-prem
Transfer to Cloud Provider: Physical datacenter, Physical network, Physical hosts
Varies by Service Type: Operating system, Network controls, Application, Identity & directory infrastructure
Always retained by customer: Account & access management, Data governance & rights management, Client endpoints
SECURITY SUMMARY
The Microsoft security ecosystem is growing with
features and capabilities at lightning speed. Ensure you are
taking advantage of these services in the cloud from the free
services up to the paid components.
DO YOU WANT MORE COSTING THE SOLUTION?
SOFTCHOICE HAS A RECENT WEBINAR ON THIS
TOPIC THAT CAN BE FOUND ON YOUTUBE IN THE
SOFTCHOICE TV CHANNEL.
Search for the Live Demo: How to Cost A Solution in Azure
https://www.youtube.com/watch?v=9QSQ9ifBhWg
© D. Fletcher for CloudTweaks.com
WHAT IS DEVOPS?
We need some new Jargon, the
public are starting to understand
what we’re talking about
DevOps - DEFINITION
DevOps is the union of people, process, and technology to enable continuous
delivery of value to customers. DevOps, a compound of dev (development) and
ops (operations), is a software development practice that unifies development and
IT operations. The meaning signifies coordination and collaboration among formerly
siloed disciplines. Quality engineering and security teams also become part of the
broader team in the DevOps model.
DevOps is the combination of cultural philosophies, practices, and tools that
increases an organization’s ability to deliver modern applications of greater quality
with higher velocity, than organizations using traditional software development and
infrastructure management practices
A WORKING DEFINITION
DevOps is the combination of cultural philosophies,
practices, and tools that increases an organization’s ability
to deliver modern applications of greater quality with higher
velocity, than organizations using traditional software
development and infrastructure management practices.
VALUE OF DevOps
Improve Customer Experience!
Increase Agility
• Innovate at a faster pace
• Fail faster and cheaper
• Improve time to market
Improve Software Quality
• Reduce bugs
• Reduce the MTTR
• Improve stability of code and infrastructure
• Reduce risk
AUTOMATE EVERYTHING
Within any software release process there are bottlenecks that slow things down, affecting quality and efficiency.
DEVELOPMENT DEPLOYMENT OPERATIONS
INFRASTRUCTURE AS CODE
Automate the deployment, provisioning and configuration of entire infrastructure.
Automation gives you the following benefits:
• Reliability (no human error)
• Environment consistency (deploy identical infrastructure across environments - Dev, QA, Stage, Prod etc.)
• Repeatability and Scalability (bring up environments automatically, anything manual is not scalable)
• Change control and Governance (audit changes, track and maintain different versions of code)
AZURE TEMPLATES
GROWING COMMUNITY
250 unique templates
170 unique contributors
5,000 visitors each day
4,500 commits
AZURE RESOURCE MANAGER TEMPLATES
ARM TEMPLATES CAN:
Simplify deployment
Simplify roll-back
Provide cross-resource configuration and update support
Be used as a learning tool to build to suit
AZURE TEMPLATES ARE:
Source file, checked-in
Simplify roll-back
Specifies resources and dependencies (VMs, websites, DBs) and connections (configuration, LB sets)
Configurable parameters for input/output
[Diagram: SQL-A (SQL configuration), WEBSITE (depends on SQL), VIRTUAL MACHINES (depends on SQL)]
REPEATABLE CONFIGURATION
[Diagram: ARM template > Configuration > Resource Group containing SQL-A [SQL CONFIG], WEBSITE, VM (2x)]
JSON FILES — SIMPLER THAN THEY LOOK
Schema, content version, parameters, variables, resources, and outputs
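The sections listed above, shown in a small template that mirrors the SQL-A and WEBSITE diagram. This is an added example, not a template from the presentation; the resource names, SKU and API versions are assumptions. The SQL password is a securestring parameter, so its value is not saved in the deployment history, and the website's dependsOn entry makes Resource Manager create the SQL server first.

```json
{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "metadata": { "description": "Added example (not the presenters' template); names, SKU and API versions are assumptions." },
  "parameters": {
    "sqlAdminLogin": { "type": "string" },
    "sqlAdminPassword": { "type": "securestring" }
  },
  "variables": {
    "sqlServerName": "[concat('sql-a-', uniqueString(resourceGroup().id))]",
    "siteName": "[concat('website-', uniqueString(resourceGroup().id))]"
  },
  "resources": [
    {
      "type": "Microsoft.Sql/servers",
      "apiVersion": "2021-11-01",
      "name": "[variables('sqlServerName')]",
      "location": "[resourceGroup().location]",
      "properties": {
        "administratorLogin": "[parameters('sqlAdminLogin')]",
        "administratorLoginPassword": "[parameters('sqlAdminPassword')]",
        "minimalTlsVersion": "1.2"
      }
    },
    {
      "type": "Microsoft.Web/serverfarms",
      "apiVersion": "2022-03-01",
      "name": "website-plan",
      "location": "[resourceGroup().location]",
      "sku": { "name": "S1" }
    },
    {
      "type": "Microsoft.Web/sites",
      "apiVersion": "2022-03-01",
      "name": "[variables('siteName')]",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[resourceId('Microsoft.Sql/servers', variables('sqlServerName'))]",
        "[resourceId('Microsoft.Web/serverfarms', 'website-plan')]"
      ],
      "properties": {
        "serverFarmId": "[resourceId('Microsoft.Web/serverfarms', 'website-plan')]",
        "httpsOnly": true
      }
    }
  ],
  "outputs": {
    "sqlServerFqdn": { "type": "string", "value": "[reference(resourceId('Microsoft.Sql/servers', variables('sqlServerName'))).fullyQualifiedDomainName]" }
  }
}
```

Because the file is checked in like any other source, supply the password at deployment time (for example from a Key Vault reference in a parameter file) rather than as a default value in the template.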
MEASURE ALL THINGS
YOU CANNOT MANAGE WHAT YOU DON’T MEASURE.
• Frequency of deployments
• Mean time to recover/ repair/ resolve (MTTR)
• System Availability / uptime
• Service performance
• User experience (customer complaints)
• Lead Time
CONCEPT OF AN AUTOMATED PIPELINE
Loads of Testing, Measurements & feedback
Commit + Build Predictable Release
CONTINUOUS INTEGRATION (CI)
CI is a software development practice where developers
regularly create and merge code changes into a central
repository after which automated builds and unit tests are
run to validate the sanity of the check-in. Developers are
then notified automatically of pass or fail.
CONTINUOUS DEPLOYMENT (CD)
It is a software development practice where deployment
artifacts from CI are catalogued and automatically tested
(functional, system, stress, performance, user acceptance)
and deployed to staging and production.
WHY IS CULTURE SO IMPORTANT?
50% of organizations currently using DevOps will not be delivering the benefits stated in the original business cases
– Gartner [2017]
SUMMARY
DevOps is the combination of:
Philosophies/ Tenets
• Culture that nurtures collaboration, common
goals, KPI, and empathy.
• Commit early and often
• Automate and measure everything
Practices / Processes
• Software release pipeline
• Continuous Integration, Continuous Deployment
Developer Tools
• IDE, Code repository/ Version control, CI
services, CD Services
WHAT DOES THIS MEAN?
Microsoft has validated Softchoice as a Managed Services Provider for the
delivery of high-fidelity managed services on Azure. Benefits include:
Migration Factory Security Event Management
Cloud Governance Self-Service Automation
Event Management Application Performance Monitoring
SOFTCHOICE PUBLIC CLOUD TECHNOLOGY REVIEW
PLANNING ASSESSMENT SET OUT TO ANSWER THREE QUESTIONS
Scan and assess current
workloads as candidates to move to Azure
What are the costs and
configuration to run the targets on Azure?
What are the ripe targets
for migration
STAGES OF ADOPTION - PUBLIC CLOUD
[Chart: Adoption (vertical axis) over Time (horizontal axis)]
Gap Analysis
• Understand the financial impact
• What do we have today?
• Where do we want to be?
• Detailed Inventory
• Options & Recommendations
• Estimated Cost
Get Moving
• Use a production workload
• Who’s our cross-Functional Team?
• What best practices will we follow?
• Contracts & Procurement
• Setup Environment
• Knowledge Sharing
Plan
• Understand your applications
• What are our roadblocks to adoption?
• What will our strategy cost the business?
• Application Focused Roadmap
• Architecture and Design
• Detailed Cost Analysis
Migration
• Leverage scripts & blueprints
• Do we have the right skills on my team?
• What tools will we use for deployment?
• Build Scripts & Templates
• Implement & Migrate
• Educate & Share
Optimize
• Use real-time insight
• How will we measure and report?
• How will our team adapt to the change?
• Mentorship & Insight
• Ongoing Management
• Live Support
How Softchoice helps | Softchoice Offering
Assessment Services | TechCheck Assessment
Professional and Keystone Services | Jumpstart Accelerator, Get Moving Offering
Professional Services | Azure IaaS Analyzer, Workload Analyzer
Professional Services | Workload Migration Accelerator, Cloud Foundation Accelerator
Keystone Managed Services | Keystone for Azure, Azure CSP
SQL ACCELERATOR
ASSESS
Discovery of the source SQL
solution details and dependent
applications
ARCHITECT
Use reference architectures to
design a supported SQL solution
end state and a migration plan
MIGRATE
Migrate or Upgrade the SQL
database to target platform while
maintaining application functions
SOFTCHOICE MANAGED CLOUD SERVICES:
COST MANAGEMENT
• Cloud budgeting, providing insights
to historical and future cloud spend
• Automated cost allocation, enabling
charge backs and visibility to cloud
cost by project and department
• Ongoing optimization and
mentorship, through sharing trends,
insights and recommendations
SUPPORT AND MENTORSHIP
• Access to 24x7 certified cloud
experts for support and mentorship
• Facilitated sessions to enable
successful cloud adoption
aligned to your cloud strategy
• Monthly newsletters, webinars,
best practice whitepapers, blogs
OPERATIONAL MANAGEMENT
• Implementation of cloud
management standards and
operational best practices
• Ongoing 24x7 remediation of
performance and availability issues
• Identity and Access Management
• Snapshot and Restoration services
• Operating system security patching