IT Pros: Meet Azure... again!Kristof RennenMike Martin

Mike MartinWho Am I

View more tips on my bloghttp://techmike2kx.wordpress.com

Crosspoint SolutionsWhere I Work

Architect, Windows Azure MVP, MEET, Insider

What I Do

@Techmike2kxMike.Martin@csps.be

Where To Find Me

A little more about me

Who am I?

Kristof Rennen

Solution Architect Cloud & Mobile at CronosMicrosoft Most Valuable ProfessionalMicrosoft Extended Experts Team MemberWindows Azure vTSP & Insider / Mobile Services AdvisorMember of Azug, the Belgian Windows Azure User Group

@kristofrennencontact@kristofrennen.be

IaaSWindows VMsLinux VMsStorageNetworking

PaaSWebMobileGamingCloud Services

DataAnalyticsMediaIdentity

The Azure platform

Microsoft Cloud infrastructure

Programming languages + toolsPowerShell, TFS + Git, Eclipse, .NET, Java, NodeJS, PHP, Python, Ruby

Greater than

1,000,000

SQL Databases in Azure

>25 TRILLION

storageobjects

>300

MILLIONAD users >13BILLION

authenticationsper week

>2.5 MILLION

requests per second

Hyper scale16 regions worldwide

in 2014

16 regions worldwide in 2014

Enterprise grade

Corporate AssuranceManageability

Security and EcosystemTrustworthy ComplianceEnterprise-Class Support Disaster recoveryCloud DR and HA

Corporate Assurance

Enterprise grade

Site recovery

DevOpsDevelopment IDEManagement Integration

Manageability

Enterprise grade

InfrastructureHybrid

Identity

Data

InfrastructureHybrid

IdentityHybrid

Active Directory

Active Directory

DataHybrid

Azure files

Import/export

Enterprise Grade IaaS

Development and DevOpsManagement and System CenterSecurity and EcosystemDR and Networking

Enterprise Grade IaaS

DevelopmentMSDN Offer for Dev and TestWindows SQL Server and BizTalkSpecial Images

BASIC VM Sizes for Dev, Test and ProdBest value VMsBYOLB and BYOAutoScaleBASIC.A1

$152.92 / year (8x5 work)$91.52 / year (8x5 and MSDN)

MSDN Usage Options – Premium MSDN

24

100

Extending the power of your VMEnable easier managementSupport partner ecosystemFull control still with you!

VM Extensions

IaaS, meet PaaS

Azure

Curated Extension

s

Agent

Helper ExtensionsBGInfoUseful VM information added to the VM desktop

VM AccessReset admin password, rename admin account, reset network configuration (coming)

Virtual Machine ManagerUse VMM configuration files on Azure VMs

RDMA DriversEnable low-latency networking on A8 and A9 VM sizes

Configuration

PowerShell Desired State ConfigUse DSC to drive configuration

PowerShell OneGetFinds and installs software packagesChocolatey community repository

Windows Management Framework V5 Preview

configuration Main{ Import-DscResource -Module xWebAdministration

# Install the IIS role WindowsFeature IIS { Ensure = "Present" Name = "Web-Server" } # Install the ASP .NET 4.5 role WindowsFeature AspNet45 { Ensure = "Present" Name = "Web-Asp-Net45" }

. . . .. . . .

# Create a new website xWebsite BakeryWebSite { Ensure = "Present" Name = "FourthCoffee" State = "Started" PhysicalPath = "C:\inetpub\FourthCoffee" DependsOn = "[File]WebContent" } }

Configuration

BootStrapper

Azure Blob

CLIE

NT

Demo Walkthrough: Publish to Blob

Configuration

BootStrapper

Azure Blob

CLIE

NT

Demo Walkthrough: Configure Azure VM

Script Extensi

on DSC Resource

s

Resource Gallery

BootStrapper

Configuration

AZ

UR

E

VM

Parse

WebDeployEasily deploy websites from Visual Studio directly to an Azure VM

Remote DebuggingDirectly connect Visual Studio debugger to process in Azure VM

Development

Announcing Security and Ecosystem

Demo

Extensions and Visual Studio

Development and DevOpsManagement and System CenterSecurity and EcosystemDR and Networking

Enterprise Grade IaaS

VM Images

VM Image

Captures all disks attachedBest effort disk consistencyRe-deploy as a new VMSysprep and non-Sysprep

OS Images(legacy)

Data Log

Demo

VM Images

System Center Management

External Load

Balancer

Customer Network

Customer on premises

Back end

Front end

Internet

Microsoft Azure

Public VIP

Microsoft Virtual Machine Converter 2.0

AzureServer VMDK

Server

Compute Intensive VM Sizes

Faster ProcessorsMore MemoryFaster inter-connect40Gbit/s RDMA NIC (Windows Only)

Name Virtual cores RAM

A8 8 56 GB

A9 16 112 GB

Growing our feature scale…

Azure Server

Azure Server

Azure Server

Azure Server

Azure Server

Azure Server

Azure Server

Azure Server

Virtual Networking

Scale Unit

Azure Server

Azure Server

Azure Server

Azure Server

Azure Server

Azure Server

Scale Unit Scale Unit

Azure Server

Azure Server

Azure Server

Azure Server

Azure Server

Azure Server

Azure Server

Azure Server

Virtual Networking

Demo

Compute Intensive VMs in a region-wide VNET

Development and DevOpsManagement and System CenterSecurity and EcosystemDR and Networking

Enterprise Grade IaaS

Access control Bitlocker EncryptionSQL Data Encryption (TDE)TrendMicro SecureCloudAfore SolutionsOperation Audit

SecurityApplication and Data

Development and DevOpsManagement and System CenterSecurity and EcosystemDR and Networking

Enterprise Grade IaaS

Transform the DatacenterOrchestrated disaster recovery to a second site

Microsoft Azure Hyper-V Recovery Manager

Communication Channel

Replication channel:

Hyper-V Replica

Primary Site

Windows Server

Recovery Site

Windows Server

Communication and Replication

Microsoft Azure Site Recovery

Transform the datacenterOrchestrated disaster recovery to a second site or to Azure

Communication Channel

Replication channel:

Hyper-V Replica

Primary Site

Windows Server

Recovery Site

Windows Server

Microsoft Azure Site Recovery

Primary Site

Windows Server

Key features include:Automated VM protection and replication

Remote health monitoring

Customizable recovery plans

No-impact recovery plan testing

Orchestrated recovery when needed

Networking• VNet-to-VNet Connectivity• IP Reservation for VIPs• Instance Level Public IP• Internal Load-balancing

Enterprise Grade: NetworkingVNet-to-VNet Connectivity

Cross-region VNET connectivity enabling communication to any Azure datacenter

For HA and DR, customers create virtual networks in different Azure regions

BeforeConnect through

CropVNet1West Europe

VNet2North Europe

One-to-oneconnection

VNet1West Europe

VNet2North Europe

Contoso HQ

Cross-subscription connectivityVirtual networks in different subscriptions can securely communicate using private IP addresses

AfterDirect VNet-to-VNet

Enterprise Grade: NetworkingIP Reservation for VIPs &Instance Level Public IP Internet

Reserved VIP

VM1 VM2

Cloud Service - 1

Microsoft Azure

VM3 VM4

Cloud Service - 2

LB IP:

A.B.C.D

IP reservation for VIPs:Reserve public IP addressesCustomers can own IP addresses andassign them to cloud services

1

1

2

2Instance-level Public IPs Assign public IPs to VMsEnables scenarios like FTP services, monitoring VMs by IP, etc.

Internal Loadbalancing

Enterprise Grade: Networking

External Load

Balancer

Customer NetworkInternal

Load Balancer

Customer on premises

Back end

Front end

Internet

Microsoft Azure

Internal VIPPublic VIP

Internal Loadbalancing:Loadbalance VMs without public facing endpoints Enables load balancing among VMs with private IP addresses Load balanced endpoint accessible only by customer’s virtual and on-premises networks or just within the cloud service

Demo

Networking Features

Hybrid IaaS

Hybrid: Networking• Express Route GA• Multiple Site-to-Site VPN

Virtual network and ExpressRoute

Connect via an encrypted link over public internet

Peer at an ExpressRoute location, an Exchange Provider facility

Connection from WAN provided by Network Service Provider. Azure becomes another site on the customer’s WAN.

IPsec VPN over internet

Exchange provider

Network service provider

Customer DC

Virtual Network—Compute only.

ExpressRoute—Provides customer choice and includes access to

compute, storage, and other Azure services.

ExpressRoutepartner location

Customer site 1

Customer site 2

Customer site 3

WAN

Publicinternet

Publicinternet

Publicinternet

Customer site

Microsoft Azure

Microsoft Azure

Microsoft Azure

Multiple Site-to-Site VPNHybrid: Networking

Multiple Site-to-Site connections

Multiple on-premises sites connect to same virtual networkcustomer may have geographically dispersed locations

VNet1US West

VNet2East Asia

Contoso NorthAm HQ

(10.0.0.0/16)Contoso East Asia

(10.3.0.0/16)

Connect to multiple on-premises locations

Azure Files

Azure VM

SMB 2.1The Azure Storage System (3 copies)Shared Settings, Diagnostic ShareLift and Shift Applications

Azure VM Azure VM

AzureFiles

Demo

Azure Files

Hybrid Application Landscape

RemoteApp Cloud Deployment

•Office 2013 ProPlus preinstalled•Rapid provisioning: apps quickly available•Automatic maintenance: OS and apps always up-to-date, Microsoft anti-malware•Users can logon with Microsoft Account or with corporate credentials federated with Azure AD

RemoteApp Hybrid Deployment

•Apps, OS and settings are fully customizable•IT can manage template images and apply updates via Azure Portal•Full access to on-premises network•User logon with corporate credentials federated with Azure AD

Two Deployment Choices

Server 2012 R2 Session

Virtualization

Dynamic Scalability

RemoteApp Cloud Deployment

58

RemoteApp Service

Pre-built template imageAutomatically maintained

Published Apps

Session Host …

Session Host

Session Host

Elastic Runtime

Persistent user data(50GB per user)

Microsoft Account

Azure Active Directory

On-premises Network

Windows Server Active Directory

DirSync (optional

)

RDP

Identity Options

Authentication

Hybrid Cloud DeploymentHybrid

ManagementHybrid NetworkingFederated Identity

• Core technology: Azure Virtual Networking with Site-to-Site VPN

• RemoteApp Virtual Networks build on Azure networking to seamlessly access on-premises resources

• Core technology: Azure Active Directory with DirSync

• RemoteApp leverages Azure AD to control user access and enable Single Sign-On

• Core technology: Windows Server Active Directory on-premises

• RemoteApp hybrid resources are domain-joined and conform to on-premises policies

Cloud Deployment: Automatically maintained

Latest OS and application updates rolled out on an ongoing basisAlways the latest Microsoft Office 2013 ProPlus

Hybrid Deployment: Updates under IT Control

Ongoing updates: Running RDSH VMs can be updated with GP, WSUS, SC, and other management tools from on-premises.Image-based updates: You can upload a new template image and apply it to a RemoteApp service instance. Update will be rolled out automatically.

Patching and Updates

Cloud Deployment: Automatically maintained

Latest OS and application updates rolled out on an ongoing basisAlways the latest Microsoft Office 2013 ProPlus

Hybrid Deployment: Updates under IT Control

Ongoing updates: Running RDSH VMs can be updated with GP, WSUS, SC, and other management tools from on-premises.Image-based updates: You can upload a new template image and apply it to a RemoteApp service instance. Update will be rolled out automatically.

Patching and Updates

RemoteApp Hybrid Deployment

62

RemoteApp Service

Session Host …

Session Host

Session Host

Elastic Runtime

Persistent user data(50GB per user)

Azure Active Directory

RDP

Authentication

Custom template imageMaintained via Azure Portal

Corporate Apps

Published Apps On-premises Network

Windows Server Active Directory

LOBFiles

Azure VPN

Domain Joined

Subject to IT policy via GP, System Center, or other enterprise management tools

DirSync

RemoteApp Cloud Deployment

• Windows apps from Microsoft as a turn-key, scalable, globally available service

RemoteApp Hybrid Deployment

• Your corporate apps as a service that can be access from anywhere

Two Deployment Choices Compared

Server 2012 R2 Session

Virtualization

Dynamic Scalability

FeaturesPrice (per user) Free during preview

Window Server version Windows Server 2012 R2

Remoting Protocol RDP 8.1

Microsoft Office Professional Plus 2013

Bring your own applications

Device platforms Windows 7/8.x, iOS, AndroidComing soon: Windows Phone, Windows RT, Mac OS X

Microsoft Account support

Federated Identity with Active Directory

Integration with On-Premises IT Infrastructure

Storage (per user) 50 GB

Initial capacity at preview 20 users per Azure account. Customers can request additional capacity during the preview.

Regions US East, US West, Europe North, Europe West, Asia Pacific East, Asia Pacific Southeast

All the latest announcementsGenerally Available• ExpressRoute• Multiple Site-to-Site• In-Region and Cross-Region VNET• Compute-intensive A8 & A9 • IP Reservation for VIPs• Microsoft Azure Import/Export• Azure Managed Cache Service• Traffic Manager External End Points• Azure Store (EA only)• BizTalk Server 2013 R2 launch• Linux distributions phone support• PowerShell Script Deployment• Ecosystem Security• Windows Client in MSDN

Preview• Instance level Public IPs• Azure Redis Cache Service• RemoteApp• Internal Loadbalancing• Azure File• Azure API Management• BizTalk Hybrid Connections

Coming Soon• Site Recovery

And take home the Lumia 1320

Present your feedback form when you exit the last session & go for the drink

Give Me Feedback

Follow Technet Belgium@technetbelux

Subscribe to the TechNet newsletteraka.ms/benews

Be the first to know

Belgiums’ biggest IT PRO Conference