If you don’t have access to Azure, set up free trial now. Azure.com/free http://softchoiceimbc.azurewebsites.net Wi-Fi: MSFTguestEvent Attendee Code: mseventxx


BUILDING RESILIENCY AND SCALE IN THE CLOUD

AZURE BOOTCAMP

SOFTCHOICE

SA NAME

Sr. Microsoft Solutions Architect

Softchoice

https://www.linkedin.com/in/

SE NAME

Sr. Microsoft Systems Engineer

Softchoice

https://www.linkedin.com/in/

AGENDA

8:30 Registration and Breakfast
9:00 Introductions
9:15 Lab 0 – Gain Access to the Azure Portal
9:30 Azure Concepts
10:30 Break
10:45 Lab 1: Deploy an Azure Availability Set
11:15 What about database?
12:00 Working Lunch and Lab 2: Deploy an Azure database
12:30 Building Scale in Azure
1:00 Deploy an Azure Scale Set
1:30 Cloud Native Services
2:00 Lab 4: Deploy Azure Front Door
2:15 Break
2:30 Disaster Recovery
3:00 Security
3:30 Lab 5: Costing the Solution
4:00 Demo: Fully Automated Azure Deployment
4:30 Bringing it all together and wrap up

TODAY’S GOAL

Give you an understanding of the baseline skills required to architect, cost, and deploy highly available and scalable infrastructure in Azure.

Pop Quiz:

Where are you at on your cloud journey?

TODAY’S TOPIC

THE CIO TASKS YOU WITH THIS STATEMENT:

“We need to make our website more resilient in Azure by End of Week”

It’s Thursday morning, what do you do?

LAB 0: GAIN ACCESS TO AZURE PORTAL

http://softchoiceimbc.azurewebsites.net

15 minutes to complete

LAB 0

Setting up an Azure Trial Tenant (credit card is required):

https://azure.microsoft.com/en-us/free/

https://azure.microsoft.com/en-us/offers/ms-azr-0044p/

Don’t want to set up an Azure Trial Tenant, or want to keep building your knowledge in Azure:

https://www.microsoft.com/handsonlabs

Concerned about charges: https://docs.microsoft.com/en-us/azure/billing/billing-avoid-charges-free-account

Goal: Gain access to https://portal.azure.com/#home

PUBLIC CLOUD

UNDERSTANDING THE CONCEPTS

CLOUD DE-MYSTIFIED

WHAT IS THE CLOUD?

\kloud\ noun

the practice of storing regularly used computer data on multiple servers that can be accessed through the Internet

WHAT IS THE CLOUD, REALLY?

a powerful way of transforming your business

The Cloud should NOT be this….

WHAT WE ARE SEEING IN THE INDUSTRY

[Figure: cloud maturity (Emerging, Intermediate, Advanced) plotted against cloud adoption over time]

GETTING STARTED
• First workloads
• Usually IaaS migrations
• Low optimization through use of PaaS

TECHNOLOGY OPTIMIZATION
• Deployment Automation
• Building new cloud workloads
• Adopting PaaS
• Azure Services are all Optimized

CLOUD NATIVE
• Automation of business processes
• Focused on time to value reduction
• Optimization of IT and Dev Operations (DevOps)

Clients are going through a cloud maturity curve from no cloud to advanced cloud usage models.

A key driver of the move up this maturity curve is optimization of technology costs.

Goal is to maximize business effectiveness of technology.

CLOUD MIGRATION DRIVERS

• Data center consolidation
• Acquisitions or divestitures
• Agility/Dev productivity
• Large scale compute intensive workloads
• Innovation & digital transformation
• Cost reduction
• Facility or real estate decisions
• Co-location or outsourcing contract changes

CLOUD MATURITY MODEL

[Figure: four stages, left to right: EXISTING APPS ON-PREM, LIFT AND SHIFT, CLOUD OPTIMIZED, APP MODERNIZED. Captions: Lift & Shift; Minimal code-changes; Architected for the cloud, modernized/refactor/rewrite.]

MODERNIZED APPS LEVERAGE SERVERLESS

No servers to provision or manage

Never pay for idle time

Scales with usage

Availability and fault tolerance built in

PIZZA as a SERVICE

[Figure: four columns, MADE AT HOME (ON-PREMISES), TAKE AND BAKE (IaaS), DELIVERY (PaaS), and DINING OUT (SaaS). Each column lists Drinks, Table, Oven, Toppings, Sauce, and Dough, marked to show which items you provide and which the vendor provides.]

HIGH AVAILABILITY

Adding redundant systems to ultimately increase reliability. Often defined in terms of 9s and based on service provider’s Service Level Agreement (SLA)

HIGH AVAILABILITY BY THE 9’S

Acceptable Compromise: 99.5% = 1d 19h 49m

AVAILABILITY – ALLOTTED DOWNTIME PER YEAR

AVAILABILITY    TIME NOT AVAILABLE PER YEAR
99%             3d 15h 40m
99.9%           8h 46m
99.95%          4.38h
99.99%          52m 36s
99.999%         5m 15s

SERVICE LEVEL AGREEMENT (SLA)

TAKE VIRTUAL MACHINES AS AN EXAMPLE:

For all Virtual Machines that have two or more instances deployed across two or more Availability Zones in the same Azure region, we guarantee you will have Virtual Machine Connectivity to at least one instance at least 99.99% of the time. 5.26 minutes a year

For all Virtual Machines that have two or more instances deployed in the same Availability Set, we guarantee you will have Virtual Machine Connectivity to at least one instance at least 99.95% of the time. 4.38 hours a year

For any Single Instance Virtual Machine using premium storage for all Operating System Disks and Data Disks, we guarantee you will have Virtual Machine Connectivity of at least 99.9%. 8.76 hours a year

AVAILABILITY IS DEFINED BY THE OUTCOME OF ARCHITECTURE

https://azure.microsoft.com/en-us/support/legal/sla/

[Figure: Azure global network map, 1.6 million miles of fiber. Legend: Terrestrial Network, Subsea Network, Edge Node, CDN Locations, Datacenter, Internet Exchange.]

AZURE GEOGRAPHIES

DEFINITION:

A geography is a discrete market, typically containing two or more regions, that preserves data residency and compliance boundaries.

Geographies allow customers with specific data-residency and compliance needs to keep their data and applications close. Geographies are fault-tolerant to withstand complete region failure through their connection to our dedicated high-capacity networking infrastructure.

AZURE REGION

DEFINITION:

A region is a set of datacenters deployed within a latency-defined perimeter and connected through a dedicated regional low-latency network.

For all Virtual Machines that have two or more instances deployed across two or more Availability Zones in the same Azure region, we guarantee you will have Virtual Machine Connectivity to at least one instance at least 99.99% of the time. 5.26 minutes a year

AZURE REGION

54 regions worldwide

Available in 140 countries

REGIONS PAIRED FOR GEO-REDUNDANCY

Geo replication

Designed for high data availability, resiliency against regional disasters

Geo-replicated data still within national boundaries for 8 countries

AVAILABILITY ZONE

DEFINITION:

Availability Zones are physically separate locations within an Azure region. Each Availability Zone is made up of one or more datacenters equipped with independent power, cooling, and networking.

Availability Zones allow customers to run mission-critical applications with high availability and low-latency replication.

For all Virtual Machines that have two or more instances deployed across two or more Availability Zones in the same Azure region, we guarantee you will have Virtual Machine Connectivity to at least one instance at least 99.99% of the time. 5.26 minutes a year

HIGH AVAILABILITY SOLUTION – SINGLE SITE

[Figure: single-site deployment, On-Premises (London). Labels: WEB TIER, APP TIER, DB TIER, HYPERVISOR, Linux/Apache (two servers), PHP (two), MySQL, VMware ESX.]

HIGH AVAILABILITY SOLUTION – MULTI REGION

[Figure: REGION 1 and REGION 2 inside a DATA RESIDENCY BOUNDARY]

Achieve full resiliency with data residency

Pair region and Availability Zones within the same data residency boundary for high availability, disaster recovery, and backup

AVAILABILITY SET

DEFINITION:

A group with two or more virtual machines in the same Data Center is called an Availability Set. This ensures that at least one of the virtual machines hosted on Azure will be available if something happens.

Behind the scenes an availability set is a kind of clustering with hot sync between VMs.

For all Virtual Machines that have two or more instances deployed in the same Availability Set, we guarantee you will have Virtual Machine Connectivity to at least one instance at least 99.95% of the time. 4.38 hours a year of downtime

SINGLE INSTANCE VIRTUAL MACHINE (VM)

For any Single Instance Virtual Machine using premium storage (Managed Disks) for all Operating System Disks and Data Disks, we guarantee you will have Virtual Machine Connectivity of at least 99.9%. 8.76 hours a year of downtime

BUILD OUT THE SCENARIO

OUR SCENARIO:

For all Virtual Machines that have two or more instances deployed in the same Availability Set, we guarantee you will have Virtual Machine Connectivity to at least one instance at least 99.95% of the time. 4.38 hours a year

Your manager said this: “We need to make our website more resilient in Azure by End of Week”

After some research you learn that the organization is bound by an uptime requirement of 99.95%.

LAB 1: SET UP AZURE AVAILABILITY SET FOR YOUR APPLICATION

http://softchoiceimbc.azurewebsites.net

15 minute break

30 minutes to complete

WHAT ABOUT THE DATABASES?

HAVE YOU HEARD THE NEWS?

Support for Windows Server 2008 and Windows Server 2008 R2 ends soon

Learn more about the Windows Server support lifecycle: support.microsoft.com/lifecycle/

[Figure: support timeline, 2017 to 2023, for Windows Server 2008 and 2008 R2, Windows Server 2012, and Windows Server 2016. Labels: Mainstream Support Ends January 2018; Mainstream Support Ends January 2021; Extended Support Ends January 2023; Extended Support Ends January 2026; Extended Support Ends January 14, 2020.]

WHAT DOES THIS MEAN?

SQL 2008/R2 Support WILL END in July 2019

NO SECURITY UPDATES

There will be no access to critical security updates, opening the potential for business interruptions

COMPLIANCE CONCERNS

As support ends, your organization will likely fail to meet regulatory standards compliance (GDPR and others)

HIGHER MAINTENANCE COSTS

Maintaining legacy servers, firewalls, intrusion systems, etc. gets expensive quickly

DATA PLATFORM CONTINUUM

[Figure: a continuum across ON PREMISES, HYBRID CLOUD, and OFF PREMISES. Axis labels: SHARED / LOWER COST, DEDICATED / HIGHER COST, HIGHER ADMINISTRATION, LOWER ADMINISTRATION. Category labels: PHYSICAL, VIRTUAL, INFRASTRUCTURE AS A SERVICE, PLATFORM AS A SERVICE, SOFTWARE AS A SERVICE. Items: SQL Server (Physical Machines, raw iron); SQL Server Private Cloud (Virtualized Machines + Appliances); SQL Server in Azure VM (Virtualized Machines); Azure SQL Database (Virtualized Databases).]

THE “EVOLUTION” OF DATA PLATFORMS

ON-PREMISES

• What media should I use to keep backup?
• What size of servers should I buy?
• How can I scale my database?
• Do I need secondary network connection?
• Are my servers in a secure location?
• Who has physical access to my servers?
• It takes how long to provision a new server?
• How often should I patch my servers?
• What happens if the power goes out?
• Who monitors my Servers?
• How many servers do I need?
• Which OS should I use?
• Do I need a UPS?
• What storage do I need to use?
• How can I increase server utilization?
• What is the right size of servers for my business needs?
• Which packages should be on my server?
• Who monitors my database?
• What happens in case of server hardware failure?
• How often should I backup my server?

THE “EVOLUTION” OF DATA PLATFORMS

ON-PREMISES IAAS

• What is the right size of servers for my business needs?

• How can I increase server utilization?

• How many servers do I need?

• How can I scale my database?

• How often should I patch my servers?

• How often should I backup my server?

• When should I upgrade my database?

• How do I deploy new databases to my server?

• Which OS should I use?

• Who monitors my database?

THE “EVOLUTION” OF DATA PLATFORMS

ON-PREMISES IAAS PAAS

• What is the right size of “servers” for my business needs?

• How can I increase “server” utilization?

• How can I scale my database?

THE “EVOLUTION” OF DATA PLATFORMS

ON-PREMISES IAAS PAAS PAAS

How do I architect my database?

AZURE SQL DATABASE

A relational database-as-a-service (“PaaS”), fully managed by Microsoft.

Note: New features will be in SQL Database before SQL Server!

FAMILIAR & SELF-MANAGED
• Familiar & compatible
• Programmatic
• Self-managed

ELASTIC SCALE & PERFORMANCE
• Predictable performance levels
• Programmatic scale-out
• Dashboard views of DB metrics

BUSINESS CONTINUITY & DATA PROTECTION
• Self-service restore
• Disaster recovery
• Compliance-enabled

For cloud-designed apps when near-zero administration and enterprise-grade capabilities are key.

Perfect for organizations looking to dramatically increase the DB:IT ratio.

AZURE SQL DATABASE MANAGED INSTANCE

BEST FOR MODERNIZATION

Managed Instance

Instance scoped programming model with high compatibility to on-premises databases

Single

Standalone managed database best for predictable and stable workloads

Elastic pool

Shared resource model best for greater efficiency through multi-tenancy

AZURE SQL DATABASE SLAs

Azure SQL Database Business Critical or Premium tiers configured as Zone Redundant Deployments have an availability guarantee of at least 99.995%. 26.18 minutes a year

Azure SQL Database Business Critical or Premium tiers not configured for Zone Redundant Deployments, General Purpose, Standard, or Basic tiers, or Hyperscale tier with two or more replicas have an availability guarantee of at least 99.99%. 52.6 minutes a year

Azure SQL Database Hyperscale tier with one replica has an availability guarantee of at least 99.95% and 99.9% for zero replicas. 4.38 hours a year

EASY MIGRATION:

Nearly 100% like SQL Server

Supports compatibility modes (SQL Server 2005+), Instance sizes up to 8TB

Data migration
• Native backup/restore
• Log shipping (DMS)

Programmability
• Global temp tables
• Cross-database queries and transactions
• Linked servers
• CLR modules

Security
• TDE
• SQL Audit
• Row level security
• Always Encrypted

Operational
• DMVs & XEvents
• Query Store
• SQL Agent
• DB Mail (external SMTP)

Scenario enablers
• Service Broker
• Change Data Capture
• Transactional Replication

AZURE SQL DATABASE HYPERSCALE

Adapts on-demand to your workload’s needs, auto-scaling up to 100TB per database.

BEST FOR VLDB workloads with highly scalable storage and read-scale requirements, optimized for OLTP and HTAP workloads.

Reliable and available
• Multiple levels of redundancy
• No single points of failure
• 99.99% availability

Scalable
• Auto-scales quickly up to 100TB
• Data size and cores scale independently
• No size of data operations

High performance
• Low latency, high throughput for large databases
• Snapshot-based backups – no impact on query performance
• Rapid database restore

More choices and full integration into Azure’s ecosystem and services

AZURE DATABASE SERVICES FOR MYSQL, POSTGRESQL, AND MARIADB

Managed community MySQL, PostgreSQL, and MariaDB

Languages and frameworks of your choice

Scale in seconds with built-in high availability

Secure and compliant

Industry-leading global reach

EASY LIFT AND SHIFT

ENTERPRISE READY

THE MODERN DATA ESTATE

Reason over any data, anywhere

Security and privacy

Flexibility of choice

ON-PREMISES

Private cloud

Operational databases

Data warehouses

Data lakes

CLOUD

Operational databases

Data warehouses

Data lakes

HYBRID

THE MODERN DATA ESTATE

Reason over any data, anywhere

Security and privacy

Flexibility of choice

Any language, any platform, anywhere

More certifications than any other cloud

AI built-in

AZURE DATA SERVICES

DATA WAREHOUSES

2x the global reach

Azure SQL Data Warehouse

DATA LAKES

99.9% SLA

Azure Data Lake, HDInsight

OPERATIONAL DATABASES

70% faster than competition

Azure SQL Database

Industry leading SLAs

Azure Cosmos DB

THE MODERN DATA ESTATE

Reason over any data, anywhere

Security and privacy

Flexibility of choice

Any language, any platform, anywhere

VNet isolation

Insight across your data estate

DATA WAREHOUSES

DATA LAKES

OPERATIONAL DATABASES

Easiest lift & shift with no code changes

Stretch on-premises data to cloud

HYBRID

Cloud DR and backup

Hybrid use rights for best TCO

WEIGHING YOUR OPTIONS

Is it time to move to the cloud?

REFACTOR, REARCHITECT, OR REBUILD

By migrating to cloud you can take advantage of extended support for 2008 in Azure

REHOST

Migrate Windows Server and SQL Server 2008 and 2008 R2 workloads to Azure VM

MIGRATE OR UPGRADE

Upgrade to Windows Server 2016 and SQL Server 2017 and get cloud and DevOps ready

TRANSFORM WITH AZURE OR AWS ON-PREMISES

Public Cloud Accelerator SQL Accelerator

OPTIMIZE WITH A MODERN DATA PLATFORM

Easy lift and shift to the cloud

Modernize to SQL Server 2017

SQL Server 2017

Linux or Windows

Unmatched performance

Most secure

Azure Database Services

Existing deployments

Running on:

SQL Server 2008+

Oracle 9.3+

MySQL

Azure Database for MySQL + PostgreSQL

Elastic scale without downtime

MySQL + PostgreSQL compatibility

Azure SQL Data Warehouse

Elastic scale without downtime

Threat detection, pause compute

Azure SQL Database

Elastic scale without downtime

Threat Detection, self-tuning

Azure Cosmos DB

Turnkey global distribution

APIs for MongoDB, Graph, Tables

Intelligence built-in (R, Python)

Mobile BI

Leading TCO

EASY LIFT AND SHIFT TO THE CLOUD

LIFT AND SHIFT SQL SERVER DBS WITHOUT APP REDESIGN

SQL Agent, 3 part name, CLR, Log shipping, Transaction Replication, CDC, Service broker

Ensure security and Azure VNet isolation

Move your entire fleet at once

Database Migration Services (DMS)

Use existing SQL Server licenses

VNet

BUILD OUT THE SCENARIO

YOUR MANAGER SAID THIS:

“We need to make our website more resilient in Azure by End of Week”

After some research you learn that the organization is bound by an uptime requirement of 99.95%.

OUR SCENARIO:

We will deploy an Azure SQL Database. Azure SQL Database Hyperscale tier with one replica has an availability guarantee of at least 99.95%. 4.38 hours a year
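The scenario picks one SLA per tier, but the website needs the web tier and the database tier up at the same time. The following is an added example, not part of the original deck: it composes the per-tier SLA percentages quoted on the slides into an end-to-end figure and checks it against the 99.95% requirement. It assumes the tiers are serial dependencies with independent failures; all function and variable names are hypothetical.

```python
from itertools import product
from math import prod

HOURS_PER_YEAR = 365 * 24  # 8,760 h; reproduces the deck's 4.38 h for 99.95%

# SLA percentages as quoted on the slides (labels shortened for the example).
WEB_TIER_SLA = {
    "Single-instance VM (premium storage)": 99.9,
    "Availability Set": 99.95,
    "Availability Zones": 99.99,
}
DB_TIER_SLA = {
    "SQL Database Hyperscale, one replica": 99.95,
    "SQL Database General Purpose": 99.99,
    "SQL Database Business Critical, zone redundant": 99.995,
}


def _fraction(sla_percent):
    """Convert an SLA percentage to a fraction, rejecting nonsense input."""
    if not 0.0 < sla_percent <= 100.0:
        raise ValueError(f"SLA must be in (0, 100], got {sla_percent!r}")
    return sla_percent / 100.0


def downtime_hours_per_year(sla_percent):
    """Allotted downtime per year, in hours, for an SLA percentage."""
    return (1.0 - _fraction(sla_percent)) * HOURS_PER_YEAR


def serial_availability(*sla_percents):
    """Composite SLA (percent) when every tier must be up for the site to work.

    Assumption: tier failures are independent, so availabilities multiply.
    """
    if not sla_percents:
        raise ValueError("at least one tier is required")
    return prod(_fraction(p) for p in sla_percents) * 100.0


def required_per_tier(target_percent, tiers):
    """SLA each of `tiers` equal serial tiers needs for the product to hit the target."""
    if tiers < 1:
        raise ValueError("tiers must be >= 1")
    return _fraction(target_percent) ** (1.0 / tiers) * 100.0


def evaluate(required_percent, web=WEB_TIER_SLA, db=DB_TIER_SLA):
    """Score every web-tier / database-tier pairing against the requirement."""
    rows = []
    for (web_name, web_sla), (db_name, db_sla) in product(web.items(), db.items()):
        composite = serial_availability(web_sla, db_sla)
        rows.append({
            "web": web_name,
            "db": db_name,
            "composite": composite,
            "downtime_h": downtime_hours_per_year(composite),
            "meets": composite >= required_percent,
        })
    return rows


if __name__ == "__main__":
    target = 99.95  # uptime requirement from the scenario
    print(f"Each of two serial tiers needs >= {required_per_tier(target, 2):.4f}%")
    for row in evaluate(target):
        verdict = "OK  " if row["meets"] else "FAIL"
        print(f"{verdict} {row['composite']:.4f}%  {row['downtime_h']:5.2f} h/yr  "
              f"{row['web']} + {row['db']}")
```

With the deck's figures, an Availability Set (99.95%) in front of a Hyperscale database with one replica (99.95%) composes to about 99.90%, roughly 8.76 hours a year, so two tiers that each meet 99.95% do not meet it together.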

LAB 2: DEPLOY AZURE DATABASE

http://softchoiceimbc.azurewebsites.net

30 minutes for lunch

30 minutes for the lab

PUBLIC CLOUD

UNDERSTANDING HOW TO BUILD IN SCALE

ELASTICITY AND SCALABILITY

SCALABILITY

Includes the ability to increase workload size within existing infrastructure without impacting performance.

EXAMPLE – We are out of capacity and need to grow the application

ELASTICITY

Includes the ability to dynamically increase or decrease workload size within existing infrastructure without impacting performance.

EXAMPLE – There is a seasonal spike and we need to be ready

AZURE AUTOSCALE

Azure Monitor Autoscale is a built-in feature of certain Azure services that helps applications perform their best as demand changes. (supported in IaaS, PaaS, SaaS)

AZURE AUTOSCALE APPLIES ONLY TO:

Virtual Machine Scale Sets

Cloud Services

App Service - Web Apps

API Management services

KEY SCENARIOS:

Maximize app responsiveness

Scale by any metric

Anticipate load with different schedules

Save money by not wasting servers

Dev-test at day, shut down at night

AZURE SCALE SET

Azure virtual machine scale sets let you create and manage a group of identical, load balanced VMs (IaaS).

The number of VM instances can automatically increase or decrease (Elasticity) in response to demand or a defined schedule. Scale sets provide high availability to your applications, and allow you to centrally manage, configure, and update a large number of VMs.

With virtual machine scale sets, you can build large-scale services for areas such as compute, big data, and container workloads.

AZURE SCALE SET (CONTINUED)

Why use virtual machine scale sets?

To provide redundancy and improved performance, applications are typically distributed across multiple instances.

KEY SCENARIOS:

Easy to create and manage multiple VMs

Provides high availability and application resiliency

Allows your application to automatically scale as resource demand changes

Works at large-scale

BUILD OUT THE SCENARIO

YOUR MANAGER SAID THIS:

“We need to make our website more resilient in Azure by End of Week”

Your website is impacted by seasonality. Your peak season starts in 2 weeks.

OUR SCENARIO:

We will deploy a Scale Set for the Website VMs. The database we just built will leverage a PaaS solution in which scale and elasticity are enabled.

LAB 3: DEPLOY A SCALE SET IN AZURE

http://softchoiceimbc.azurewebsites.net

30 minutes for the lab

CLOUD NATIVE SERVICES

THE COOL STUFF BEGINS HERE.

Moving beyond traditional on-premise models in the cloud

We just spent a few hours looking at building out HA and scale leveraging the traditional IaaS model.

Now let's look at what adopting some cloud native PaaS and SaaS services would look like for your webserver/application.

These services can be deployed in a Hybrid Mix of services and we will just outline a few of the most popular or common architectural options for a website

LOAD BALANCING SERVICES IN AZURE

Azure has four cloud native services for load balancing:

• Traffic Manager
• Load Balancer
• Azure Front Door (NEW)
• Application Gateway

AZURE APPLICATION GATEWAY

Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. This can perform these duties on-premises as well as in the cloud.

AZURE TRAFFIC MANAGER

Azure Traffic Manager is a DNS-based traffic load balancer that enables you to distribute traffic optimally to services across global Azure regions, while providing high availability and responsiveness. This can perform these duties on premise as well as in the cloud.

AZURE LOAD BALANCING

With Azure Load Balancer, you can scale your applications and create high availability for your services. Load Balancer supports inbound and outbound scenarios, provides low latency and high throughput, and scales up to millions of flows for all TCP and UDP applications.

LOAD BALANCING SERVICES EXAMPLE

In this example scenario, we use a simple website that serves two types of content: images and dynamically rendered webpages. The website must be geographically redundant, and it should serve its users from the closest (lowest latency) location to them. The application developer has decided that any URLs that match the pattern /images/* are served from a dedicated pool of VMs that are different from the rest of the web farm.

Additionally, the default VM pool serving the dynamic content needs to talk to a back-end database that is hosted on a high-availability cluster. The entire deployment is set up through Azure Resource Manager.

LOAD BALANCING SERVICES ARCHITECTURE

[Figure: TRAFFIC MANAGER in front of REGION 1 and REGION 2. Each region contains an AppGW that sends /images/* to the Image Server Pool and other requests to the Web tier, plus a Load Balancer and a Database tier.]

AZURE FRONT DOOR

Azure Front Door Service enables you to define, manage, and monitor the global routing for your web traffic by optimizing for best performance and instant global failover for high availability. With Front Door, you can transform your global (multi-region) consumer and enterprise applications into robust, high-performance personalized modern applications, APIs, and content that reach a global audience with Azure.

Simply – Azure Front Door leverages Application Gateways, Traffic Manager, Web Application Firewall, and Load Balancer, all back ended by Azure Application Insights to provide actionable metrics

BRAND NEW

STATIC WEB HOSTING IN AZURE STORAGE

You can serve static content (HTML, CSS, JavaScript, and image files) directly from a storage container named $web.

Hosting your content in Azure Storage enables you to use serverless architectures that include Azure Functions and other Platform as a service (PaaS) services.

AZURE FUNCTIONS

Azure Functions is a solution for easily running small pieces of code, or “functions,” in the cloud. You can write just the code you need for the problem at hand, without worrying about a whole application or the infrastructure to run it.

Functions can make development even more productive, and you can use your development language of choice, such as C#, Java, JavaScript, Python, or PHP. Pay only for the time your code runs and trust Azure to scale as needed.

Azure Functions lets you develop serverless applications on Microsoft Azure.

AZURE APP SERVICE

Azure App Service is an HTTP-based service for hosting web applications, REST APIs, and mobile back ends. You can develop in your favorite language, be it .NET, .NET Core, Java, Ruby, Node.js, PHP, or Python. Applications run and scale with ease on both Windows and Linux-based environments.

AZURE CONTENT DELIVERY NETWORK - CDN

Azure Content Delivery Network (CDN) is a global CDN solution for delivering high-bandwidth content. It can be hosted in Azure or any other location.

With Azure CDN, you can cache static objects loaded from Azure Blob storage, a web application, or any publicly accessible web server, by using the closest point of presence (POP) server.

CDN BENEFITS

Better performance and improved user experience for end users, especially when using applications in which multiple round-trips are required to load content.

Distribution of user requests and serving of content directly from edge servers so that less traffic is sent to the origin server.

Large scaling to better handle instantaneous high loads, such as the start of a product launch event.

IN SUMMARY

As you can see there are multiple cloud native services that you can leverage to add scale and resiliency to your website/applications and these services are typically more cost effective than the same build out using IaaS technologies with better SLAs.

LAB 4: DEPLOY AZURE FRONT DOOR

http://softchoiceimbc.azurewebsites.net

30 minutes for the lab

DISASTER RECOVERY IN AZURE

WE STILL NEED TO THINK ABOUT DR

DISASTER RECOVERY & BUSINESS CONTINUITY

BUSINESS CONTINUITY planning (or business continuity and resiliency planning) is the process of creating systems of prevention and recovery to deal with potential threats to a company. ... As such, BCP is a subset of risk management.

A DISASTER RECOVERY PLAN (DRP) is a documented process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster. Such a plan, ordinarily documented in written form, specifies procedures an organization is to follow in the event of a disaster.

DISASTER RECOVERY

RECOVERY TIME OBJECTIVE (RTO)

The recovery time objective is the targeted duration of time and a service level within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity. How long will recovery take?

RECOVERY POINT OBJECTIVE (RPO)

A Recovery Point Objective is defined by the age of files that must be recovered from backup storage for normal operations to resume if a computer, system, or network goes down as a result of a hardware, program, or communications failure. How much data can you handle losing? Time between backups.

DISASTER RECOVERY as a SERVICE

AZURE SITE RECOVERY

Prevent downtime from disrupting your business

Simple, automated disaster recovery from the cloud to protect applications

Provides application-consistent recovery of critical workloads

Leverage current investments

Orchestrate one-click recovery even for complex multi-tier applications

Ensure more applications meet your compliance requirements

[Figure: Production Environment in an On-premises/cloud Datacenter (App n, Exchange, SAP, SharePoint) and Azure. Labels: Downtime, Automated, Policy-based, Orchestrated, Encrypted.]

APPLICATION DR WITH ASR

[Figure: PRIMARY SITE (DB Tier, App Tier, Web Tier, Active Directory) and AZURE. Labels: ASR REPLICATION (three), Azure Storage, AZURE SITE RECOVERY.]

APPLICATION DR WITH ASR

[Figure: PRIMARY SITE (DB Tier, App Tier, Web Tier, Active Directory) and AZURE. Labels: S2S VPN, AD & ASR REPLICATION, ASR REPLICATION, SQL AVAILABILITY GROUP, IaaS VM (two), Azure Storage, AZURE SITE RECOVERY.]

BUSINESS CONTINUITY STRATEGY: YOU NEED ALL THREE

High availability: When your applications have a catastrophic failure, run a second instance

Disaster recovery: When your applications have a catastrophic failure, run them in Azure or a secondary datacenter

Backup: When your data is corrupted, deleted or lost you can restore it

[Figure labels: Primary site, Primary site, Secondary site; DATA, DATA; Original, Backup]

DECISION TIME

Understand what you need for High Availability based on the architecture that provides the necessary SLA.

Understand the Disaster Recovery Scenario that will protect you based on the business RTOs and RPOs

These data points will define the complete architecture

WHAT ABOUT SECURITY

UNDERSTANDING THE CONCEPTS

[Figure labels: Securing Privileged Access; Office 365 Security; Rapid Cyberattacks (Wannacrypt/Petya); Office 365; Dynamics 365; +Monitor; Azure Sentinel – Cloud Native SIEM and SOAR (Preview); SQL Encryption & Data Masking; Data Loss Protection; Data Governance; eDiscovery]

SECURITY CENTER

Azure Security Center provides unified security management that helps you prevent, detect, and respond to threats and vulnerabilities by giving you increased visibility into, and control over, the security of your Azure resources.

AZURE SECURITY CENTER: HOW IT WORKS

When you activate Security Center, a monitoring agent is deployed automatically into Azure virtual machines. Security Center begins assessing the security state of all your VMs, networks, applications, and data.

Azure Security Center stores that data in Azure Log Analytics.

Azure Security Center analytics engines analyze the data and machine learning synthesizes it. Security Center provides recommendations and threat alerts for protecting your workloads.

AZURE SECURITY: CLOUD SECURITY POSTURE MANAGEMENT

Security Center provides you with a bird’s eye security posture view across your Azure environment, enabling you to continuously monitor and improve your security posture using the Azure secure score.

Security Center helps you identify and perform the hardening tasks recommended as security best practices and implement them across your machines, data services, and apps.

This includes managing and enforcing your security policies and making sure your Azure Virtual Machine instances, non-Azure servers, and Azure PaaS services are compliant.

AZURE SECURITY: CLOUD WORKLOAD PROTECTION

Security Center’s threat protection enables you to detect and prevent threats at the infrastructure-as-a-service (IaaS) layer as well as in platform-as-a-service (PaaS) resources like Azure IoT and Azure App Service and on-premises virtual machines.

Key features of Security Center threat protection include config monitoring, server endpoint detection and response (EDR), application control, and network segmentation, and it is extending to support container and serverless workloads.

AZURE SECURITY: DATA SECURITY

Security Center includes capabilities that identify breaches and anomalous activities against your SQL databases, data warehouse, and storage accounts.

Security Center helps you perform automatic classification of your data in Azure SQL database.

AZURE SECURITY: SHARED RESPONSIBILITIES

RESPONSIBILITY ZONES (Microsoft, Customer) by service type: SaaS, PaaS, IaaS, On-prem

Always retained by customer
• Data governance & rights management
• Client endpoints
• Account & access management

Varies by Service Type
• Identity & directory infrastructure
• Application
• Network controls
• Operating system

Transfer to Cloud Provider
• Physical hosts
• Physical network
• Physical datacenter

SECURITY SUMMARY

The Microsoft security ecosystem is growing with features and capabilities at lightning speed. Ensure you are taking advantage of these services in the cloud, from the free services up to the paid components.

LAB 5: COSTING THE SOLUTION

http://softchoiceimbc.azurewebsites.net

30 minutes for the lab

DO YOU WANT MORE COSTING THE SOLUTION?

SOFTCHOICE HAS A RECENT WEBINAR ON THIS TOPIC THAT CAN BE FOUND ON YOUTUBE IN THE SOFTCHOICE TV CHANNEL.

Search for the Live Demo: How to Cost A Solution in Azure

https://www.youtube.com/watch?v=9QSQ9ifBhWg

UNDERSTANDING THE CONCEPTS

DevOps

© D. Fletcher for CloudTweaks.com

WHAT IS DEVOPS?

We need some new Jargon, the

public are starting to understand

what we’re talking about

DevOps - DEFINITION

DevOps is the union of people, process, and technology to enable continuous delivery of value to customers. DevOps, a compound of dev (development) and ops (operations), is a software development practice that unifies development and IT operations. The meaning signifies coordination and collaboration among formerly siloed disciplines. Quality engineering and security teams also become part of the broader team in the DevOps model.

DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver modern applications of greater quality with higher velocity than organizations using traditional software development and infrastructure management practices.

A WORKING DEFINITION

DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver modern applications of greater quality with higher velocity than organizations using traditional software development and infrastructure management practices.

VALUE OF DevOps

Improve Customer Experience!

Increase Agility

• Innovate at a faster pace

• Fail faster and cheaper

• Improve time to market

Improve Software Quality

• Reduce bugs

• Reduce the MTTR

• Improve stability of code and infrastructure

• Reduce risk

DevOps TENETS

CULTURE OF

COLLABORATION

AUTOMATE:

EVERYTHING

MEASURE:

ALL THINGS

A SOLID FOUNDATION

AUTOMATION MEASUREMENT

CULTURE

AUTOMATE EVERYTHING

Within any software release process there are bottlenecks that slow things down, affecting quality and efficiency.

DEVELOPMENT DEPLOYMENT OPERATIONS

INFRASTRUCTURE AS CODE

Automate the deployment, provisioning and configuration of the entire infrastructure.

Automation gives you the following benefits:

• Reliability (no human error)
• Environment consistency (deploy identical infrastructure across environments: Dev, QA, Stage, Prod, etc.)
• Repeatability and scalability (bring up environments automatically; anything manual is not scalable)
• Change control and governance (audit changes, track and maintain different versions of code)

AZURE TEMPLATES

GROWING COMMUNITY

250 unique templates

170 unique contributors

5,000 visitors each day

4,500 commits

AZURE RESOURCE MANAGER TEMPLATES

ARM TEMPLATES CAN:

Simplify deployment

Simplify roll-back

Provide cross-resource configuration and update support

Be used as a learning tool to build to suit

AZURE TEMPLATES ARE:

Source file, checked-in

Simplify roll-back

Specifies resources and dependencies (VMs, websites, DBs) and connections (configuration, LB sets)

Configurable parameters for input/output

[Diagram: SQL-A with its SQL configuration; WEBSITE and VIRTUAL MACHINES each depend on SQL]

REPEATABLE CONFIGURATION

[Diagram: ARM template; Configuration > Resource Group containing SQL-A [SQL CONFIG], WEBSITE and VM (2x)]

JSON FILES — SIMPLER THAN THEY LOOK

Schema, content version, parameters, variables, resources, and outputs
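Added example (not part of the original deck, and not Softchoice or Microsoft code): a Python check over a constructed ARM-style template that confirms the sections listed above are present, derives a deployment order from dependsOn, and flags secret-looking parameters that are not typed securestring or are echoed in outputs. The resource names, parameter names and the SECRET_HINTS heuristic are assumptions made for illustration.

```python
import json
from graphlib import TopologicalSorter  # Python 3.9+

# Constructed sample: apiVersion, location and properties are left out because
# the checks below do not read them. Website and VMs depend on SQL, as on the slide.
TEMPLATE = json.loads("""
{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "sqlAdminLogin":    {"type": "string"},
    "sqlAdminPassword": {"type": "string"}
  },
  "variables": {"sqlName": "sql-a"},
  "resources": [
    {"type": "Microsoft.Web/sites", "name": "website", "dependsOn": ["sql-a"]},
    {"type": "Microsoft.Compute/virtualMachines", "name": "vm", "dependsOn": ["sql-a"]},
    {"type": "Microsoft.Sql/servers", "name": "sql-a"}
  ],
  "outputs": {"adminPassword": {"type": "string", "value": "[parameters('sqlAdminPassword')]"}}
}
""")

SECTIONS = ("$schema", "contentVersion", "parameters", "variables", "resources", "outputs")
SECRET_HINTS = ("password", "secret")  # assumed naming heuristic, not an Azure rule

def missing_sections(t):
    """Sections named on the slide that the template does not contain."""
    return [s for s in SECTIONS if s not in t]

def deploy_order(t):
    """Order resources so each one follows everything in its dependsOn."""
    graph = {r["name"]: set(r.get("dependsOn", [])) for r in t["resources"]}
    return list(TopologicalSorter(graph).static_order())

def secret_findings(t):
    """Flag secret-like parameters not typed securestring, and outputs echoing them."""
    findings = []
    for p, spec in t.get("parameters", {}).items():
        if not any(h in p.lower() for h in SECRET_HINTS):
            continue
        if spec.get("type", "").lower() != "securestring":
            findings.append(f"parameter {p}: use type securestring")
        for name, out in t.get("outputs", {}).items():
            if f"parameters('{p}')" in str(out.get("value", "")):
                findings.append(f"output {name}: exposes {p}")
    return findings

if __name__ == "__main__":
    print(missing_sections(TEMPLATE), deploy_order(TEMPLATE), secret_findings(TEMPLATE), sep="\n")
```

Run against templates in source control, a check like this catches plain-string secrets before they reach deployment history.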

MEASURE ALL THINGS

YOU CANNOT MANAGE WHAT YOU DON’T MEASURE.

Frequency of deployments

Mean time to recover/repair/resolve (MTTR)

System availability / uptime

Service performance

User experience (customer complaints)

Lead time

CONCEPT OF AN AUTOMATED PIPELINE

Loads of Testing, Measurements & feedback

Commit + Build Predictable Release

CONTINUOUS INTEGRATION (CI)

CI is a software development practice where developers regularly create and merge code changes into a central repository after which automated builds and unit tests are run to validate the sanity of the check-in. Developers are then notified automatically of pass or fail.

CONTINUOUS DEPLOYMENT (CD)

It is a software development practice where deployment artifacts from CI are catalogued and automatically tested (functional, system, stress, performance, user acceptance) and deployed to staging and production.

WHY IS CULTURE SO IMPORTANT?

50%

Organizations currently using DevOps will not be delivering the benefits stated in the original business cases

– Gartner [2017]

SUMMARY

DevOps is the combination of:

Philosophies / Tenets

• Culture that nurtures collaboration, common goals, KPI, and empathy.
• Commit early and often
• Automate and measure everything

Practices / Processes

• Software release pipeline
• Continuous Integration, Continuous Deployment

Developer Tools

• IDE, Code repository / Version control, CI services, CD services

INTERACTIVE DEMONSTRATION

FULLY AUTOMATED DEPLOYMENT

WRAP-UP

WHAT IS NEW WITH SOFTCHOICE?

Softchoice is now a Microsoft Azure Expert MSP

WHAT DOES THIS MEAN?

Microsoft has validated Softchoice as a Managed Services Provider for the delivery of high-fidelity managed services on Azure. Benefits include:

Migration Factory Security Event Management

Cloud Governance Self-Service Automation

Event Management Application Performance Monitoring

SOFTCHOICE MARKETING EVENTS

SOFTCHOICE.COM/EVENTS

AZURE - FREE SERVICES

AZURE HEAT MAP

WHAT IS MICROSOFT FOCUSING ON

https://azureheatmap.azurewebsites.net

AZURE UPDATES

SOFTCHOICE PUBLIC CLOUD TECHNOLOGY REVIEW

PLANNING ASSESSMENT SET OUT TO ANSWER THREE QUESTIONS

Scan and assess current workloads as candidates to move to Azure

What are the costs and configuration to run the targets on Azure?

What are the ripe targets for migration

STAGES OF ADOPTION - PUBLIC CLOUD

[Chart axes: Time, Adoption]

Gap Analysis

• Understand the financial impact
• What do we have today?
• Where do we want to be?

• Detailed Inventory
• Options & Recommendations
• Estimated Cost

Get Moving

• Use a production workload
• Who’s our cross-Functional Team?
• What best practices will we follow?

• Contracts & Procurement
• Setup Environment
• Knowledge Sharing

Plan

• Understand your applications
• What are our roadblocks to adoption?
• What will our strategy cost the business?

• Application Focused Roadmap
• Architecture and Design
• Detailed Cost Analysis

Migration

• Leverage scripts & blueprints
• Do we have the right skills on my team?
• What tools will we use for deployment?

• Build Scripts & Templates
• Implement & Migrate
• Educate & Share

Optimize

• Use real-time insight
• How will we measure and report?
• How will our team adapt to the change?

• Mentorship & Insight
• Ongoing Management
• Live Support

How Softchoice helps: Softchoice Offering

Assessment Services: TechCheck Assessment

Professional and Keystone Services: Jumpstart Accelerator, Get Moving Offering

Professional Services: Azure IaaS Analyzer, Workload Analyzer

Professional Services: Workload Migration Accelerator, Cloud Foundation Accelerator

Keystone Managed Services: Keystone for Azure, Azure CSP

SQL ACCELERATOR

ASSESS

Discovery of the source SQL solution details and dependent applications

ARCHITECT

Use reference architectures to design a supported SQL solution end state and a migration plan

MIGRATE

Migrate or Upgrade the SQL database to target platform while maintaining application functions

SOFTCHOICE MANAGED CLOUD SERVICES:

COST MANAGEMENT

• Cloud budgeting, providing insights to historical and future cloud spend
• Automated cost allocation, enabling charge backs and visibility to cloud cost by project and department
• Ongoing optimization and mentorship, through sharing trends, insights and recommendations

SUPPORT AND MENTORSHIP

• Access to 24x7 certified cloud experts for support and mentorship
• Facilitated sessions to enable successful cloud adoption aligned to your cloud strategy
• Monthly newsletters, webinars, best practice whitepapers, blogs

OPERATIONAL MANAGEMENT

• Implementation of cloud management standards and operational best practices
• Ongoing 24x7 remediation of performance and availability issues
• Identity and Access Management
• Snapshot and Restoration services
• Operating system security patching

THANK YOU

FOR YOUR TIME AND INTEREST