Extend your datacenter with

Microsoft Azure
Tom Kanty Kantrek
[email protected]

Modules
Base Modules
Why Care about Microsoft Azure
Getting Started with IaaS
Getting Started with IaaS Workloads
Getting Started with IaaS Networking
Getting Started with Azure Storage

Expansion Modules
Hybrid cloud with Microsoft Azure

Resources

Aka.ms/Azure-CZ
3

Module 1

A lap around Microsoft Azure for an Infrastructure

Professional

Why Microsoft Azure?

Public Cloud
Platform

$30

Speed

Scale

Market Share (in Billions)

$25

Economics

$20

$15

$10

$5

2008

2009

2010

2011

2012

2013

2014

2015

2016

2017

2018

2019

2020

Cloud Computing Patterns

Compute

On and Of
Inactivity
Period

On & off workloads (e.g. batch job)

Over provisioned capacity is wasted
Time to market can be cumbersome

Compute

Growing Fast
t

Successful services needs to grow/scale

Keeping up w/ growth is big IT challenge
Cannot provision hardware fast enough

Compute

Unpredictable
Unexpected/unplanned peak in demand
Bursting
Sudden spike impacts performance
Cant over provision for extreme cases

Predictable Bursting

Compute

Services with micro seasonality trends

Peaks due to periodic increased demand
IT complexity and wasted capacity

Cloud Computing
Packaged
Software

Platform

Software

(as a Service)

(as a Service)

(as a Service)

Applications

Applications

Applications

Applications

Data

Data

Data

Data

Runtime

Runtime

Runtime

Runtime

Middleware

Middleware

Middleware

Middleware

O/S

O/S

O/S

O/S

Virtualization

Virtualization

Virtualization

Virtualization

Servers

Servers

Servers

Servers

Storage

Storage

Storage

Storage

Networking

Networking

Networking

Networking

Infrastructure

Cloud innovation presents

challenges for IT
How do I integrate
with my existing
IT investments?
What about
my heterogeneous,
complex IT
landscape?
What about security
and compliance?

Think AND not OR

Enterprise
needs

Virtualization

Integration

Identity

On-premises
Microsoft Azure
fundamentals

On-premises
AND Cloud

Development

Data
Platform

Cloud
DevOps
and
mgmt

Global Presence and

Scale

North America Region

West
U.S. Sub-Region

N. Central
U.S. Sub-Region

Europe Region
N. Europe
SubRegion

East
U.S. SubRegion

W. Europe
SubRegion

S. Central
U.S. Sub-Region

Major datacenter
CDN node
Live sub-region
Announced sub-region
Partner-operated subregion

24 x 7 x 365 support.

Asia Pacific Area

LATAM
Sub-Region

NE. China (via

21Vianet)
Sub-Region

East Japan
Sub-Region
West Japan
Sub-Region

E. Asia
Sub-Region

E. China (via
21Vianet)
Sub-Region
S.E. Asia
Sub-Region

East
Australia
Sub-Region
Southeast
Australia
Sub-Region

89 markets worldwide.

2x Compute and storage every six

Azure Building Blocks

Scenarios
Store, backup, recover your data

Develop, test, run your apps

Extend your infrastructure

Reach where your datacenter

Scenarios to
get started
with Microsoft
Azure

Module 2
Getting Started with IaaS

IaaS Terminology
IaaS Infrastructure as a service
You have control over your VMs and the network configuration, but dont

have to worry about hardware.

Cloud Service (in this context)

A container or management grouping. Every virtual machine is contained

within a cloud service.

Microsoft Azure Virtual Machines IaaS.

You can provision, migrate, and manage VMs. VMs can run Windows, Linux,

and enterprise applications.

Microsoft Azure Virtual Network

The networking overlay that allows you to create and manage virtual

networks in Microsoft Azure and securely connect them to your own on-

Virtual Machines
l
a
u ork
t
r w
i
V t
e
N

Scalable, on-demand
infrastructure for your
apps and VMs
Apps with public web front ends,
variable traffic sitting in
demilitarized zone
Existing custom apps, specialty
servers with batch processing
patterns
No app changes same VHD
format
Manage with tools you know

Virtual
Machines

Business
Application
SQL
Windows Server
Server
Active Directory

Inter
net

Windows Server
Active Directory

System Center Windows

Operations
Server
Manager

Onpremises

Business Users

Windows
Azure

Business
Users

Sample Images Available

Microsoft
Windows Server 2012 R2
Windows Server 2012
Windows Server 2008 R2
SQL Server 2012
SQL Server 2014
BizTalk Server 2013
Enterprise or Standard
versions of
SharePoint 2013
OpenSUSE 12.3
Web Logic Server 12c or
Visual Studio 2013
CentOS 6.3
11g
Ubuntu 12.04/12.10/13.04 Database 12c or 11g
SUSE Linux Enterprise Server
11 SP3

Open Source

Oracle

IaaS Management
Windows Azure PowerShell
Set of cmdlets for managing all objects
PowerShell remoting to manage hosted VMs with local

PowerShell or PowerShell ISE.

Server Manager (hosted in VM or local)
VPN connections to hosted networks
RDP to VM desktop
Telnet or SSH (Linux)
Platform specific tools (SQL Management Studio/Visual
Studio)
3rd Party/Community Tools

Module 3
Getting started with Workloads

Microsoft Azure Data

Management
NON-RELATIONAL
RELATIONAL
01001101
00101010
10010100
01110101
00100101
Blob Storage

Tables

HDInsight

SQL Server in a VM

SQL Database

A cloud storage
service ofering the
simplest way to store
large amounts of
unstructured text or
binary data, such as
video, audio and
images, and for
creating virtual hard
drives in the cloud.

A NoSQL key/value
store that provides
simple access to
semi-structured data
at a lower cost for
applications that do
not need robust
querying capabilities

A Big Data
implementation
100% compatible
with Apache Hadoop.

A full-featured instance
of SQL Server running in
a Windows Azure Virtual
Machine for quickly and
easily running or testing
SQL Server applications
in the cloud

A feature-rich, fully
managed relational
database service that
ofers a highly
productive experience
with business-ready
capabilities built on
SQL Server technology

Best for
inexpensive,
scalable storage
of semistructured data

Best for Big Data

Analytics across
semi-structured
and
unstructured
data

Best for existing

and new
applications
needing full SQL
Server feature
set

Best for
inexpensive,
scalable storage
of data

Best for new

cloud
applications
needing
relational
capabilities and
high availability

Microsoft SQL Azure

Low TCO for
Existing Apps
No App Changes
Required
Familiar Development
tools
Library of VM
Templates

Full SQL
Server
Capability
High Availability of
Database with
AlwaysOn Availability
Groups
Advanced Security
(Transparent data
encryption & auditing)
Full Business
Intelligence
Functionality

Flexibility &
Control

Managed
Infrastructure

Full Control of Virtual

Machine

Fully Managed
Infrastructure

Common Identity
(Active Directory
Integration)

99.95% SLA for Virtual

Machine
Single Pane of Glass to
Manage with System
Center 2012

Service Provisioning
Model
Each account has zero or more servers

Account

Azure wide, provisioned in a common portal

Billing instrument

Each server has one or more databases

Server

Contains metadata about the databases and usage

Unit of authentication
Unit of Geo-location
Generated DNS based name

Each database has standard SQL objects

Database

Unit of consistency
Unit of multi-tenancy
Contains Users, Tables, Views, Indices, etc.
Most granular unit of billing

Why use Microsoft Azure web

sites
Ready for business.
Web scale, world wide.
Best Visual Studio experience.
Faster to market.
Open and flexible.

Azure web sites Easily

scale
shared

SHARED INSTANCES

:-)

Web sites

shared
SHARED INSTANCES

:-)
:-)

Web sites

1
0

standar
d
SHARED INSTANCES

RESERVED INSTANCE

:-)
:-)

:-)

Web sites

standar
d
RESERVED INSTANCE

:-)

Web sites

Standar
d
RESERVED INSTANCE

:-)
:-)

:-)

:-)

RESERVED INSTANCE

:-)
:-)

:-)

:-)

auto-scaling
cpu
utilization
STANDARD INSTANCE

STANDARD INSTANCE

STANDARD INSTANCE

:-)

:-)

:-)

What is Azure Active Directory?

A comprehensive identity and access management

cloud solution.
It combines directory services, advanced identity

governance, application access management and a

rich standards-based platform for developers
Azure Active Directory Premium is an advanced

offering that includes IAM capabilities for onpremises, hybrid and cloud environments

Public Identity as the control point

Active Directory
Microsoft apps

Active Directory
Custom
LOB apps

Other Directories

ISV/CSV
apps

Non-MS cloud-based apps

PCs and devices

Azure Active Directory Premium

Built on top of the free ofering,
provides a robust set of capabilities
to empower enterprises with
demanding needs on identity and
access management
Additionally, Azure AD premium
offers:
An Enterprise SLA of 99.9%
Usage rights to Identity Manager
Server and CALs

Common Identity with Sync and

Federation
Synchronization

Active Directory
Active Directory

Write back of attributes to support cloud first

and co-existence

Identity Sync with

password hash sync

User attributes are synchronized including the password hash,

Authentication can be completed against either Azure or Windows
Server Active Directory

Federation

Identity
Sync

Active Directory

Active Directory

AD FS provides conditional access to

resources, Work Place Join for device
registration and integrated Multi-Factor
Authentication

User attributes are synchronized, Authentication is

passed back through federation and completed against
Windows Server Active Directory
AD FS

Module 4
Getting Started with Azure Networking

Microsoft Azure Virtual

Network
Windows Azure
VM 1
Subnet 2

VM 2
ROLE
1

Your virtual branch office/

datacenter in the cloud

Subnet 1

Extend your Enterprise Networks into Azure networking

on-ramp for migrating existing apps and services to
Windows Azure
Enables hybrid apps that span cloud and their
premises

A protected private virtual

network in the cloud

Set up secure private IPv4 networks fully contained

within Windows Azure
IP address persistence
Inter-service DIP-to-DIP communication

DIPS and VIPS

There are multiple ways to access a VM by IP address
VIP Virtual IP address

An internet-facing IP address that is not bound to a specific computer or network

interface card.
The cloud service that the VM sits within is assigned the VIP.
You can have multiple VMs in a cloud service. They share the same VIP.

DIP Dynamic IP address

This IP address is dynamically assigned (via DHCP) to your virtual machine by Windows
Azure. You rely on DHCP Do NOT statically configure your IP address. Even for DCs.
The IP address lease directly equates to the lifetime of the VM.
If you create a virtual network, the VM will receive its DIP from that range.

IP Addresses
CLOUD SERVICE
VIP- 137.135.64.110
VIRTUAL MACHINE
DIP-192.168.1.7

VM1

VIRTUAL MACHINE
DIP-192.168.1.15

VM2

Port Forwarding Input

Endpoints

Cloud App / Hosted Service

Endpoint
Public Port
Local Port
Protocol (TCP/UDP)
Name

PORT 3389

PORT 5586

VM1

LB/IP
PORT 5587

PORT 3389

VM2

Single Public IP Per Cloud Service

Connectivity in Azure
foo.cloudapp.net VIP

Input Endpoint
VIP: Input Endpoint
LB

Load balanced endpoint. Stable VIP per cloud

service.
Single port per endpoint
Supported protocols: HTTP, HTTPS, TCP

Internal Endpoint

Instance-to-instance communication
Supported Protocols: TCP, UDP
Port ranges supported
Communication boundary = Deployment boundary

Internal Endpoint

Connectivity in Azure

LB

Internal Endpoints

DNS Scenarios
Windows Azure DNS Scenarios

Use your own DNS Scenarios

A. Client-server applications using VMs

B. Hybrid connectivity with on-premise (DNS onpremise)

Web Tier
UI
UI Process
Process
Components

Active Directory

SQL
Reporting
Service

SQL
Analysis
Service

SQL
Service

VM

VM

VM

Active Directory
Active Directory

SQL Service
On-Premises
Machine

Domain
Domain joined
joined to
to OnOnPremises
Premises Network
Network

C. SharePoint with custom DNS (VM)

Open
Open User
User
Access
Access
(Website)
(Website)

DC
DC

VM
VM Role
Role
VM
VM Role
Role

SQL
SQL
VM Role
VM
Role

LB
SharePoint
SharePoint
FrontEnd
FrontEnd
VM
VM Role
Role

Internet

Local
Local DNS
DNS

Search
Search and
and
Indes
Indes
SQL
SQL Service
Service
VM
VM Role
Role

SQL
SQL
VM Role
VM
Role

SQL
SQL Mirroring
Mirroring

SharePoint
SharePoint
FrontEnd
FrontEnd
VM
VM Role
Role

DNS
DNS

On-Premises
Machine
Business
Business
Components
Components &
&
Entities
Entities
On-Premises
On-Premises Machine
Machine

Virtual Network
Scenarios
Hybrid Public/Private Cloud
Enterprise app in Windows Azure requiring connectivity to on-premise resources

Enterprise Identity and Access Control

Manage identity and access control with on-premise resources

(on-premises Active Directory)

Monitoring and Management

Remote monitoring and trouble-shooting of resources

running in Windows Azure

Advanced Connectivity Requirements

Cloud deployments requiring IP addresses

and direct connectivity across services

The virtual branch

office

The Branch Office

The Corp. HQ
SQL Servers

IIS Servers

AD / DNS

Exchange

S2S VPN
Device

nnel
u
t
N
P
S2S V

S2S VP
N

tunnel

S2S VPN
Device

The Virtual
Network
in Windows Azure
BRK Gateway

Example: Contosos
Deployment
The Corp. HQ
SQL Farm

(10.0.0.0/16)

Contoso Production
VNet in Windows
Azure (10.1.0.0/16)
10.2.2.0/2
4

10.2.3.0/2
4

IIS Servers
131.57.23.120
10.0.0.10
10.0.0.11

AD / DNS

Exchange

65.52.249.22 10.1.0.4

S2S VPN tunnels

S2S VPN
Device

10.1.1.4

Contoso Test in
Windows Azure
(10.2.0.0/16)

BRK Gateway
10.2.2.0/2
4

10.2.3.0/2
4

Module 5
Getting started with Storage

Windows Azure Storage

Storage in the Cloud
Scalable, durable, and available
Anywhere at anytime access
Only pay for what the service uses

Exposed via RESTful Web Services

Use from Windows Azure Compute
Use from anywhere on the internet

Microsoft Azure Storage Accou

Can CDN Enable Account
Blobs delivered via 24 global CDN nodes

Can co-locate storage account with compute

account
Explicitly or using affinity groups

Accounts have two independent 512 bit shared

secret keys

Storage Security
Windows Azure Storage provides simple
security for calls to storage service
HTTPS endpoint
Digitally sign requests for privileged operations

Two 512bit symmetric keys per storage

account
Can be regenerated independently

More granular security via Shared Access

Windows Azure Storage

Abstractions

Blobs

Simple named files

along with
metadata for the
file.

Drives

Durable NTFS
volumes for
Windows Azure
applications to use.
Based on Blobs.

Tables

Structured storage.
A table is a set of
entities; an entity is
a set of properties.

Queues

Reliable storage
and delivery of
messages for an
application.

Blob Storage Concepts

http://<account>.blob.core.windows.net/<container>/<blobname>

Account

Container

Blob

Pages/
Blocks

PIC01.JPG
Block/Page

images
PIC02.JPG

contoso

Block/Page
videos

VID1.AVI

Microsoft Azure Drives

Durable NTFS volume for Microsoft Azure Instances
Use existing NTFS APIs to access a network attached durable drive
Use System.IO from .NET

Benefits
Move existing apps using NTFS more easily to the cloud
Durability and survival of data on instance recycle
Drives can be up to 1TB

A Microsoft Azure Drive is an NTFS VHD Page Blob

Mounts Page Blob over the network as an NTFS drive
Local cache on instance for read operations
All flushed and unbufered writes to drive are made durable to the Page
Blob

Microsoft Azure Drive Capabil

An instance can dynamically mount up
to 16 drives
Remote Access via standard BlobUI
Cant remotely mount drive
Can upload the VHD to a Page Blob using the blob
interface, and then mount it as a Drive
Can download the VHD to a local file and mount locally
Only one instance at a time for read/write
Using read-only snapshots to multiple instances at once

Uploading VHDs
Three steps
Create VHD (Not VHDX) locally, sysprep if OS image.
Add-AzureVHD
Upload VHD file to blob storage

Add-AzureDisk
Register VHD as disk image, available to attach to VM.
Add-AzureVMImage
Adds VHD containing sysprepped image to the image repository

Managing Storage
Storage managed through many third party tools
http://
blogs.msdn.com/b/windowsazurestorage/archive/2014/03/1
1/windows-azure-storage-explorers-2014.aspx
Storage explorers require the Azure storage key

Module 6
Hybrid cloud with Microsoft Azure

Virtual Network Features

Customer-managed private virtual networks within
Windows Azure

Bring your own IPv4 addresses

Control over placement of Windows Azure Roles within the network
Stable IPv4 addresses for VMs

Hosted VPN Gateway enables site-to-site connectivity

Automated provisioning & management

Support existing on-premises VPN devices

Use on-premise DNS servers for name resolution

Enables customers to use their on-premise DNS servers for name resolution
Enables VMs running in Windows Azure to be joined to corporate domains running
on-premise (use your on-premise Active Directory)

Local Network
An IP address range which represents the IP subnets

on your local networks, used to build routing tables.

VPN Configuration
Azure provides gateway and configuration script
Run configuration script on local device
RRAS, Cisco, or Juniper devices
RRAS as a Powershell script.
Connection uses L2TP with shared secret

authentication
Manage shared secret in Microsoft Azure.

Example Deployment
Contoso Production
VNet in Windows
Azure (10.1.0.0/16)

The Corp. HQ
SQL Farm

(10.0.0.0/16)

10.2.2.0/2
4

10.2.3.0/2
4

IIS Servers
131.57.23.120
10.0.0.10
10.0.0.11

AD / DNS

Exchange

65.52.249.22 10.1.0.4

S2S VPN tunnels

S2S VPN
Device

10.1.1.4

Contoso Test in
Windows Azure
(10.2.0.0/16)

BRK Gateway
10.2.2.0/2
4

10.2.3.0/2
4

Multiple VPNs and Hybrid Site

to Site

Multiple Site to Site VPNs to a single V-Net is now

supported.

http://msdn.microsoft.com/en-us/library/azure/dn690124.aspx

Public Identity as the control point

Active Directory
Microsoft apps

Active Directory
Custom
LOB apps

Other Directories

ISV/CSV
apps

Non-MS cloud-based apps

PCs and devices

Introducing
Windows Azure Backup
Simple and reliable server backup to the
cloud
Ofsite data protection in Windows
Azure storage.
Data is encrypted and secure.
Efficient use of network and storage
resources.
Enhances Microsoft backup tools with
cloud backup capabilities.

Store, backup, recover

Microsoft SQL Server
Backup and restore database
to the cloud

Direct URL backup

to Azure Storage

SQL Server Management Studio

Restore in Azure
Virtual Machine

Benefits
Reliable of-site data backup
for SQL images
Easily restore databases
using VMs

Store, backup, recover your data

Microsoft Azure
Backup
datacenter data to Windows
Backup

using System Center Data Protection

Manager
Backup and recover files/folders from
Windows Server 2012 SP1 / R2
Your On-Premises
Datacenter
Windows
Windows
Windows
Windows

Server
Server
Server
Server

2012 R2
2012
2012 Essentials
2008 R2 (SP1)

System Center 2012 DPM SP1 /

R2

Benefits
Reliable ofsite data
protection
Simple, familiar, integrated
Efficient backup and recovery
Easy set up

How Windows Azure Backup works

1. Sign up

2. Install agent
gi
e
R
3.

an
r
ste

ure
g
fi
on
c
d

4. Back up encrypted data

Window Server
2012

5. Recover to the same or a diferent server

`

Small business or branch office

How Windows Azure Backup works

1. Sign up

2. Install agent
gi
e
R
3.

an
r
ste

ure
g
fi
on
c
d

4. Back up encrypted data

System
Center
DPM Server

5. Recover to the same or a diferent server

Enterprises with System Center

StorSimple

Hybrid Cloud Storage Architecture

ON PREMISES DATA CENTER

Application or File servers

Physical servers

Hyper-V or VMware

iSCSI SAN (over IP)

MGMT

DATA

SSD
StorSimple
CiS

SAS

Block-based
storage

High frequency data access

Low latency, high throughput

Smallest capacity tier (on-premise)

Periodic data access

Moderate latency and good throughout

Larger capacity tier (on-premise)

PUBLIC
CLOUD

Internet
connection

Object
storage

Rare data access

High latency and low throughput

Largest capacity

Automated tiering
Application or File
servers

Linear Data
Deduplicated Data

Deduplicated &
compressed Data

Deduplicated,
compressed, &
Encrypted Data

SSD

SAS

The oldest block in

the tier is the first to
move to the next tier

DATA PROTECTION

HyperV Replica
Replicate HyperV VMs
from
a Primary to a Replica
site

Afordable in-box business continuity

and disaster recovery
Configurable replication frequencies
of
30 seconds, 5 minutes and 15
minutes
Secure replication across network
Agnostic of hardware on either site
No need for other virtual machine
replication technologies
Automatic handling of live migration
Simpler configuration and
management

Once
Once
Upon
replicated,
Hyper-V
site failure,
Replica
changes
VMs
is enabled,
can
replicated
be started
VMs
on chosen
begin
on
secondary
replication
frequency
site
Primary Site

Initial Replica
Replicated
Changes

CSV on
Block
Storage

Secondary Site

SMB Share
File Based
Storage

DATA PROTECTION

Hyper-V Replica | Extended

Replicate to 3rd Location
Replication
for Extra Level of
Replication
can be
enabled on
theprimary
1 replica
Replication
configured
from
to to a
st

Resiliency

Once a VM has been successfully

replicated to the replica site, replica
can be replicated to a 3rd location
Chained Replication
Extended Replica contents match the
original replication contents
Extended Replica replication
frequencies can difer from original
replica
Useful for scenarios such as SMB ->
Service Provider -> Service Provider
DR Site

3rd site
secondary

Replication

DR Site

DAS
Storage

Introducing Windows Azure

Site Recovery
Protects vital workloads running in your
private cloud by replicating virtual machines
to a secondary site

Monitors the health of System Center

Virtual Machine Manager clouds
Orchestrates the quick recovery of
virtual machines at your secondary
site
Automates replication protection
with in-box technologies and cloud-

How it works: configure

Sign up

Site A
System Center
Virtual
Machine
Manager

Create a recovery
plan

System Center
Virtual
Machine
Manager

Site B

AD
SQ
L
Exc
h

How it works: create recovery plan

Configur
e

Create
recovery
plan

Health
monitorin
g

Create a recovery
plan

Site A
System Center
Virtual
Machine
Manager

AD
SQ
L
Exc
h

Hyper-V Replica
replicates virtual
machines

System Center
Virtual
Machine
Manager

Site B

How it works: recover from

datacenter failure

Create a recovery
plan

Create
recovery
plan

Orchestrates
recovery of services
in the
event of an outage

System Center
Virtual
Machine
Microsoft
Manager

AD
SQ
L
Exc

Azureh

Site B

Integration across the infrastructure

Inbound to System Center
Bi-directional from Orchestrator
Bi-directional for notifications/reporting
Bi-directional Runbook integration

Virtual Machine
Manager
Operations
Manager
Configuration
Manager

Orchestrator
Runboo
ks

BI through Reporting and

Dashboards

Active
Directory
Notifications
via Exchange
Microsoft Exchange
(Admin + User)
Azure Cloud
Management
Third-party
Management Tools

Service
Manager
Centralize
d

CMD
B

Service
Manager
Data
Warehouse

Inbound andcommands
Bi-directional
Configuration
Automation
outbound
connector
items andnotifications
issued
for
automation
automation
to System
and
data
activities Intelligence
populated
Center,
Business
and
intoexecuting
CMDB
automation
workflows tools, Microsoft Exchange and
third-party

System Center App Controller

Flexible delegation with single sign-on

Self-service visibility for

applicationservices across on-premises,
service provider, and Windows Azure
Easy VM and workload portability from
on-premises to Windows Azure
(including SharePoint and SQL)

Deep infrastructure and workload

insight
Windows
Availability and performance
monitoring for Windows Azure
Virtual Machines & Windows
Azure Storage

VMware vSphere monitoring

with VEEAM Management
Pack

Expanded cloud infrastructure

health visualization with
integration between VMM &
Operations Manager
components
Native SNMP-based network
monitoring

Azure Storage

Compute

Cloud-integrated
monitoring
Integrated System Center
Advisor views with
Operations Manager
connector

Comprehensive
System Center Monitoring

VMware
vSphere

Compute

Windows Server
2012

Storage

Network

Operations Manager & Azure

IaaS

System
Center
Operation
s Manager

Treat as normal
server,
including using a
SCOM agent

+
Management
Pack for
Windows Azure

PaaS
Monitoring is
agentless,
use normal API and
diagnostics for
monitoring
(and uses certificate
for authentication)

Global
Service
Monitor

Azure-integrated insight with

Global Service Monitor (GSM)

Microsoft
Visual
Studio 2012

Customer
datacenter

Operations
manager

!
Production
application

Global
Service
Monitor
(running in
Azure)

Extreme automation to manage the

Cloud
Service Manager
Orchestrator
CMDB

Runbooks

Knowledg
e base
Data
warehous
e

Azure
Integration
Pack

External Cloud

PowerShel
l

Workflows

Manual and repetitive processes

Service Offerings
automated by the power of
runbooks and PowerShell, using
Catalog
information stored in the
Work Items
centralized CMDB
Knowledge
Templates
Configuration Items

Systems Center Components

App Controller
SM Portal

Application
Owner
Tenant Admin

Integration Packs for automation

across clouds
Private Cloud

Microsoft Cloud

Service
Provider

Out-of-the-box
Partner
enabled IPs
Kelverion

Orchestrator integration enables Microsoft and third-party platforms to coordinate and use operational data

ServiceNow
BMC
in the infrastructure across varying cloud scenarios
(on-premises, Microsoft cloud and service provider
clouds)
Data
All Systems
Dell
- AIM Center Components Windows
Manipulation
Windows
Azure
Azure
Active Directory
SharePoint
SharePoint
HTTP Applications
NetApp
- OCPM
Exchange
Exchange (User
(User
and
and
Admin)
Admin) FTP
FTPInfront Consulting Group
Cisco
IBM Tivoli Netcool/Omnibus
VMware vSphere
UCS
Sagent
HP (OM, SM, iLO)
NCM JaxMP/Frysoft
FrontRange HEAT
New
capabilities
in -R2
Tectia SFTP with Certificates
Vision
Solutions

Azure automation
Optimize and
extend existing
investments

Deliver flexible
and reliable
services

Lower costs and

improve
predictability

Integration
Integrate into existing
systems with PowerShell
integration modules
Build additional PS modules
to enable integrating into
other systems

Orchestration
Accelerate time to value
with flexible process
workflows
Improve service
reliability across multiple
tools, systems, and
department silos

Automation
Enable service owners to
focus on work that adds
business value
Reduce error-prone manual
activities while lowering
costs

Azure Automation
Capabilities

Runbook Authoring in Azure:

Create runbooks to automate all aspects of cloud operations, from deployment, monitoring, and optimizations

Highly Available Engine:

Support requirements for scale and H/A.
Built on PowerShell Workflow. Isolation for runbook jobs

Azure

Automation
Integration into other systems:
rd
Import PS modules and create additionalBackup
modules and runbooks
for AzureRemediate
services or to connect
Patch
Staged
Backup
Patch
Stagedinto 3 party systems

SQL
SQL Azure
Azure
on
on a
a
schedule
schedule

Azure
Azure VMs
VMs
without
without
downtime
downtime

Remediate
alert
alert on
on a
a
service
service

Monitoring
Systems

deploymen
deploymen
tt of
of a
a
service
service

Change
Control
Systems

Anything

Azure Automation
Scenarios
Patch / Update /
Change Control &
Backup
Orchestration

Patch Azure IaaS VMs without

downtime, leveraging Traffic
manager.
Enable regeneration of
storage account keys while
avoiding downtime in the
application.
SQL Backup on a schedule.
Backup and restore IaaS VMs.

Provisioning

Deploy a VM on an Azure /
On-Premise cloud and enable
monitoring for the VM.
Deploy a new service to Azure
and configure the end points
for CPU and Memory alerts.

Monitoring &
Remediation

Alert on a VM then turn on

tracing, collect logs, upload to
Azure Storage and make
available in Visual Studio for
troubleshooting.

Deploy application from Git,

run validation tests, and swap
to production if tests pass.

Monitor for when a new

service gets created, and
configure it for the right
tracing / backup policy.

Monitor SharePoint online for

an approval to update a
service and update the
service once approved.

Notify users of a subscription

who have underutilized VMs
and perform remediation.

If you think you will

do a task twice
automate it!

Technick zdroje online

Materily ke staen, virtuln
laby, zkuebn verze
Denn zpravodajstv a technick
informace v etin
Pravideln souhrn novinek v
etin 1x msn
Zznamy z akc, videa,
screencasty, nvody

http://aka.ms/Azure-CZ
http://aka.ms/technetcz (pro IT
odbornky)
http://aka.ms/msdncz (pro vvoje)
MSDN newsletter (pro vvoje)
TechNet Flash (pro IT odbornky)
Channel9

Microsoft
Virtual
Academy
Technick online kurzy, e-knihy,
nvody

www.mva.ms