Arquitectura y Buenas prácticas con Windows Azure para ITPros

Windows Azure Best Practicesfor IT Pros Ibon Landa

Development Team Lead at Plain ConceptsWindows Azure MVP/Insider

@ibonilm – http://www.devthinks.com

Ibon Landa

Development Team Lead

Windows Azure MVP

[email protected]

http://www.devthinks.com

@ibonilm

http://www.devthinks.com/

http://spain.windowsazurebootcamp.org/



http://spain.windowsazurebootcamp.org/ @gwab_es – [email protected]


Windows Azure

Global Physical Infrastructureservers / network / datacenters

caching identityservice

bus media cdn big data commerceintegratio

n analytics hpc mobile

compute storage networkingvirtual machines

web sites

cloud services

SQL database

noSQL database

blob storage connect

virtual network

traffic manager

...

Fra

mew

ork

sS

erv

ices

Fab

ric

Infr

astr

uctu

re

N Central US, S Central US, N Europe, W Europe, E Asia, SE Asia + 24 Edge CDN Locations

......

......

...

Automated

Managed

Resources

Elastic

Usage Based

Your Datacenter

Virtualization

O/S

Hardware

Network

Data

Applications

Firewall

Web Sites

Applications

Data

Cloud Services

Applications

Firewall Rules

Data

Virtual Network

Virtual Machines

Virtual Network

Data

Applications

Firewall Rules

O/S

Focus on the Application

Windows Azure

IaaS and PaaS – Better Together

Physical Virtual SaaSIaaS PaaS

Virtual Networks

Virtual Networks

The Corp. HQ (10.0.0.0/16)

Contoso Test in Windows Azure

(10.2.0.0/16)

Contoso Production VNet in Windows Azure (10.1.0.0/16)

S2S VPN Device

IIS Servers

AD / DNS

SQL Farm

ExchangeBRK Gateway

S2S VPN tunnels10.0.0.1010.0.0.11

131.57.23.120

10.2.2.0/24

10.2.3.0/24

10.2.2.0/24

10.2.3.0/24

65.52.249.2210.1.0.4 10.1.1.4

Persistent VM Role

Persistent VM Role

Redundancy at every level

End to End Highly Available Solution

IIS Web Application

Web Role

IIS Web Application

Web Role

LB

SQ

L M

irro

ring

Internet

SQL-AVSET

IIS-AVSET

SQLServer

SQLServer

Manage using existing Tools

AzureOnPrem

Windows Server 2012

Internet

Android

Windows Phone 8

Windows RT

iOS

X86/x64 Macs

Windows Server 2012

Windows Server 2012

Windows Server

2008 R2

Windows Intune

VPN Tunnel

AD

Windows Server 2008

Windows Server 2003

VNet Best Practices SummaryUse always a VNet!IaaS and PaaS – Better TogetherHybrid solutions: on premise + cloudManage using existing ToolsReduces attack surface

Demo

Traffic Manager

Traffic Manager

PaaS SaaSPhysical

Virtual IaaS

Windows Azure Storage

VM with persistent drive

Persistent Disk Management

• C:\ = OS Disk• D:\ = Non-Persistent Cache Disk• E:\, F:\. G:\ ... Data Disks

Capability OS Disk Data Disk

Host Cache Default

ReadWrite None

Max Capacity 127 GB 1 TB

Imaging Capable Yes No

Hot Update Cache Setting Requires Reboot

Change Cache Without Reboot, Add/Remove without Reboot.

Disk Caching

Disk Type Default Supported

OS Disk ReadWrite Read-only and ReadWrite

Data Disk None None, Read-only and ReadWrite

Modify using Set-AzureOSDisk or Set-AzureDataDisk

Fault Domain

Rack

Fault and Update DomainsFault Domain

Rack

INSTANCE

INSTANCE

INSTANCE

INSTANCE

INSTANCE

INSTANCE

INSTANCE

INSTANCE

UD #1

UD #1

UD #2

UD #2

Virtual Machine Virtual Machine

How Does this Relate to SLA?

SLA 99.95

SQL Server

Primary

SQL Server

Secondary

Availability set

Security RecommendationsEstablish a local administrator account that is not 'administrator' Use a complex strong password for your new administrator account Change the default port (3389) for RDP Remove the RDP endpoint if you aren't using it Consider administering your VM's via Windows Azure Virtual Network instead of a public RDP ports.

PaaS SaaSPhysical Virtual IaaS

SQL Server on Virtual Machines

Windows Azure SQL Database

SQL Server or Windows Azure SQL Db? SQL Server

(IaaS)Windows Azure SQL Database

(PaaS)

Development Migrate Existing Apps Develop New Apps

Management Full Control Managed Service

Compatibility Full SQL Server Capabilities Based on SQL Server Technology

Shared TechnologyNetwork transport (Tabular Data Stream)

SQL dialect (Transact-SQL)Data access APIs (ADO.NET, ODBC, JDBC)

Development tools (SQL Server Data Tools)Management tools (SQL Server Management

Studio)

Running SQL Server in a Windows Azure VMStorage RecommendationsDo not use write cachingAvoid using OS drive for large databasesConsider putting database and transaction log files on separate drivesSplit tempDb into multiples filesBackup to Windows Azure Storage

Database RecommendationsConsider using database page compression to reduce I/O

High Availability RecommendationsConsider latency between primary and replica when choosing sync modeAlwaysOnWhen provisioning these VMs; Same Affinity Group, same availability set, same VNet

Business Intelligence

Business IntelligenceExtra Large VM or moreDon´t use OS Disks!SASS (OLAP/Tabular)Easy to create your own domain for authenticationEasy scale outCheap storage

OLAPBe careful with the IOPs, it could a problemSQL Server 2014 can help

TabularChoose the memory that you need – Maybe not to cheap

Hadoop on Windows Azure

IaaS vs PaaS (HDInsight)

Physical Virtual SaaSIaaS PaaS

Active Directory on Windows Azure

Active Directory on Windows AzureDon´t worry about static IP warningUse extra disk for SYSVOL databaseUse Windows Server 2012Remove unnecessary endpointsUse compression to sync with a local DCUse the same Availability Set

Windows Azure Best Practicesfor IT Pros Ibon Landa

Development Team Lead at Plain ConceptsWindows Azure MVP/Insider

@ibonilm – http://www.devthinks.com