My Azure Branch Office
- 21/MAY -
www.galileu.pt
TRAINING SERVICES EDUCATION
AGENDA
• 19h00: Welcome to Braga Open Week
• 19h05: Workshop Part 1: My Azure Branch Office
• 20h10: Coffee Break
• 20h30: Workshop Part 2: My Azure Branch Office
• 21h30: End
ABOUT ME
Luis Lima
pt.linkedin.com/in/luisaalima
• MCSE: Private Cloud
• MCSA: Office 365
• MCSA 2012: Windows Server 2012
• MCSA 2008: Windows Server 2008
• MCSE 2012: Server Infrastructure
• Microsoft Certified Trainer
• VMware Certified Professional 5.5
• Information Security Foundation on ISO/IEC 27002
• Certified Ethical Hacker
• ITIL - Operational Support and Analysis
• PRIMERGY Senior Systems Engineer
• Online Storage Systems Engineer
Cloud Services
The Cloud has changed how we work, where we work and how we do business.
• move faster
• save money
• BYOD goes mainstream
• integrate on-premise apps & data
• scale on demand
PLATFORM AS A SERVICE
BUILDING BLOCKS TO TECHNOLOGY SOLUTIONS
COMPLIANCE
• Information security standards
• Effective controls
• Government & industry certifications
ISO 27001, SOC 1 Type 2, SOC 2 Type 2, FedRAMP/FISMA, PCI DSS Level 1, UK G-Cloud, HIPAA/HITECH
CLOUD COMPUTING PATTERNS
MANAGE USING EXISTING TOOLS
[Diagram labels: On Premises, Azure, Internet; VPN Tunnel; Windows Intune; AD; Windows Server 2003, 2008, 2008 R2, 2012; Macs, x86/x64 Windows, Windows RT, Windows Phone 8, iOS, Android]
AZURE HYBRID USAGE SCENARIOS
SQL DB Mirroring / AlwaysOn
80/443
VPN Tunnel
Fileservers
Web Based Applications
Cloud Service
THINK AND NOT OR
• Virtualization
• Identity
• Data Platform
• Development
• DevOps and mgmt
ESTIMATING CLOUD COSTS
http://www.windowsazure.com/en-us/pricing/calculator/
COST ESTIMATOR TOOL
Azure Networking
HYBRID CLOUD CONNECTIVITY
IP Address Space: 10.1.0.0/16 IP Address Space: 10.2.0.0/16
IP ADDRESSES
MICROSOFT AZURE VIRTUAL NETWORKS
Address spaces: 10.x, 172.16.x and 192.168.x
SUMMARY OF NETWORKING FEATURES
Input Endpoint Internal Endpoint
UDP
Load balancing for virtual machines
Custom load balancer probes
Name Resolution
Windows Azure Virtual Network
Windows Azure Traffic Manager
for Hybrid scenarios
DNS SCENARIOS
Azure DNS: resolution of INTERNAL resources is defined per Cloud Service.
One cloud service cannot resolve a different cloud service by internal host names.
[Diagram labels: SQL Service, SQL Analysis Service, SQL Reporting Service]
[Diagram labels: Local DNS; DC DNS; Open User Access; Internet; Web Tier (Website) VM Role; UI Process Components; Business Components & Entities; Active Directory VM Role; SharePoint FrontEnd VM Role; SharePoint Search and Index VM Role; SQL Service VM Role; SQL Mirroring; On-Premises Active Directory Machine; VMs domain joined to On-Premises Network]
VIRTUAL MACHINES
AVAILABILITY & SERVICE LEVEL AGREEMENT
VIRTUAL MACHINE AVAILABILITY SETS
VIRTUAL MACHINE PORTABILITY
Azure Websites
AZURE WEBSITES FEATURES & CAPABILITIES
Enterprise-class: Designed for secure mission-critical applications
• Hybrid Connections / VPN Support
• Scheduled Backup
• Azure Active Directory Integration
• Site Resiliency, HA, and DR
• Web Jobs
• Role Based Access Control
• Audit / Compliance
• Enterprise Migration
• Client Certs
• Redis Caching
• IP Restrictions / SSL
• Web Sockets
• SQL, MySQL, DocDB, & Mongo
• Sticky Sessions
Global scale: Optimized for Availability and Automatic scale
• Automated Deployment
• AutoScale
• Built-in Load Balancing
• WW Datacenter Coverage
• End Point Monitoring & Alerts
• App Gallery
• DR Site Support
• WildCard Support
• Dedicated IP address
• HTTP Compression
• CDN Support for Websites
Built for DevOps: Agility through Continuous Deployment
• Remote Debugging w/ Visual Studio
• Site Staging Slots
• Testing in Production
• Continuous Integration/Deployment
• Git, Visual Studio Online and GitHub
• App & Site Diagnostics
• OS & Framework Patching
• Site Extensions Gallery
• .NET, PHP, Python, Node, Java
• Framework Installer
• Browser-based editing
• Auto-Healing
• Logging and Auditing
CUSTOMER SCENARIOS
HOW CUSTOMERS ARE USING AZURE WEBSITES
Corporate Websites: Microsoft backed business continuity
• .COM sites
• eCommerce sites
• Large events
Enterprise Web Apps: Optimized for Performance and Automatic scale
• Employee/Partner apps
• Windows Server 2003R2 EOL
• Hybrid Applications
Digital Marketing: Agility through Continuous Deployment
• Campaign sites
• Micro / Brand sites
• Social Media sites
MONITORING
HYPER SCALE
WEST US WEST EUROPE
INTELLIGENT CUSTOMER ROUTING WITH TRAFFIC MANAGER
www.yourapp.com
Azure Backup / Recovery
BUSINESS CONTINUITY CHALLENGES
IMPACT OF DATA GROWTH ON BUSINESS CONTINUITY
Complexity of protecting data and applications
Too much data—often with insufficient protection
Long data-retention requirements
Time-intensive media management
Untested disaster recovery and decreasing recovery confidence
Higher costs as data size and number of virtual machines increase
PROTECTION THAT EVOLVES WITH YOUR IT
IT SOLUTIONS ARE NOT SILOS—YOUR BUSINESS CONTINUITY SOLUTIONS SHOULDN’T BE
Physical Virtual Hybrid Cloud Cloud
WINDOWS AZURE BACKUP
Backup datacenter data to Windows using
System Center Data Protection Manager
Backup and recover files/folders from
Windows Server 2012 SP1
Your On-Premises Datacenter
Benefits
Reliable offsite data protection
Simple, familiar, integrated
Efficient backup and recovery
Easy set up
BACKUP OVERVIEW
1. Sign up
2. Install
3. Register (Certificate)
4. Set policy
5. Backup
6. Recovery (same server)
7. Recovery (alternate server)
[Diagram labels: Agent, Windows Server 2012, Data]
SAFEGUARD YOUR APPLICATIONS
ON-PREMISES TO MICROSOFT AZURE PROTECTION WITH AZURE SITE RECOVERY
[Diagram, two panels, each labelled "Microsoft Azure Site Recovery: Orchestration and replication". Panel 1: Primary site, Windows Server. Panel 2: Primary site, VMware/Physical, InMage Scout, 2015]
SQL
SQL SERVER CLOUD CONTINUUM
Hybrid
• Azure SQL Database (Virtualized Databases)
• SQL Server in Azure VM (Virtualized Machines)
• SQL Server Private Cloud (Virtualized Machines)
• SQL Server (Physical Machines)
[Diagram axes: Shared / Lower cost to Dedicated / Higher cost; High Control | High Maintenance to Low Control | Low Maintenance]
MICROSOFT AZURE VMS
VMs hosted on Microsoft Azure Infrastructure (“IaaS”)
• From Microsoft images or your own images
• Fast provisioning (~10 minutes)
• Accessible via RDP and PowerShell
Pay per use
• Per minute (only when running)
• Cost depends on size and licensing
• Large discounts for MSDN subscribers!
• You can use your existing SQL licenses
• Network: only outgoing (not incoming)
• Storage: only used (not allocated)
Elasticity
• From 1 core / 2GB mem / 1TB to 16 cores / 112 GB mem / 16TB
SQL SERVER IN AZURE VMS
Many SQL versions supported
• SQL 2014 (Enterprise / Standard / Web)
• SQL 2012 (Enterprise / Standard / Web)
• SQL 2008 R2 (Enterprise / Standard / Web)
Optimized images
• Transactional Processing or Data Warehousing
• Implement multiple optimizations (e.g. storage pools with multiple disks, best stripe sizes, disk caching, SQL trace flags)
(Almost) 100% compatibility
• SQL Failover Clusters coming soon...
SQL SERVER IN AZURE VMS - DEPLOYMENT
Use a Gallery image
• Includes everything you need
• Engine
• Reporting Services
• Analysis Services
• Integration Services
• Management Studio
• Refreshed monthly with latest fixes
Bring your Own Image
• Create a VHD (sysprep)
• Upload to your Azure Storage account
• Provision VM from VHD
SQL SERVER IN AZURE VMS - MIGRATION
Use the Deployment Wizard (SQL Server 2014 Management Studio)
Can be used on previous SQL Server versions
Migrates a DB from on-premise to an existing/new Azure VM
1. Backup DB to a network share
2. Copy backup to Azure Storage
3. Provision new VM or select existing VM
4. Restore DB on VM
SQL SERVER IN AZURE VMS – BUSINESS CONTINUITY
SQL Server High Availability
• Configure an AlwaysOn Availability Group between VMs in the same region
• Automatic failover on SQL/VM issues (~10 seconds)
• Easily configurable using AlwaysOn Portal Template
[Diagram labels: Witness VM, VM, VM, P, S]
SQL SERVER IN AZURE VMS – BUSINESS CONTINUITY
SQL Server Disaster Recovery
• Configure an AlwaysOn Availability Group between VMs in different regions
• Manual Failover (~15 seconds). Test it at any time!
• Using Internal Endpoints
Azure AD
IDENTITY CONSIDERATIONS: CLOUD, SYNC OR FEDERATED?
• Cloud identity provides a solution where all identity resides in the cloud
• Identity sync enables customers to bridge their existing identity into the cloud
• Federated identity allows customers to retain all authentication on-premises
• B2B federated identity allows customers to securely share and collaborate with each other
COMMON IDENTITY WITH SYNC AND FEDERATION
Synchronization
• User attributes are synchronized, including the password hash. Authentication can be completed against either Azure or Windows Server Active Directory.
• *Write back of attributes to support cloud first and co-existence
Federation
• User attributes are synchronized. Authentication is passed back through federation and completed against Windows Server Active Directory.
• AD FS provides conditional access to resources, Work Place Join for device registration and integrated Multi-Factor Authentication
*Coming Soon
SELECTION OF PRE-INTEGRATED SAAS APPS
BRAGA OPEN WEEK
UPCOMING WORKSHOPS
• Workshop: The User's Best Friend, the Interactive Experience
22/May | 18h30 – 21h30 | FLAG
• Digital Marketing Conference
23/May | 9h00 – 17h30 | FLAG
Register at: www.rumos.pt/bragaopenweek