CP004 Microsoft Azure & Amazon AWS Architectural comparison
Francesco Diaz - @francedit
francesco.diaz@insight.com
http://francescodiaz.azurewebsites.net
Francesco Delfino - @delfinof
francesco@musixmatch.com
Session Objective and Agenda
SESSION OBJECTIVE
• Provide an architectural description of the two platforms, comparing main features and workloads
AGENDA
• Introduction and overview
• Authentication
• Networks
• Virtual Machines
• Storage
• Databases
• Final considerations
• Other features (if we have time)
Amazon AWS and Microsoft Azure
Both are leaders in Public Cloud market
Both have global coverage
Many services are similar
Web Portal and Administration tools via CLI/Powershell/API
Two platforms very similar, but different
Platform Services
Infrastructure Services
Web Apps
Mobile Apps
API Management
API Apps
Logic Apps
Notification Hubs
Content Delivery Network (CDN)
Media Services
BizTalk Services
Hybrid Connections
Service Bus
Storage Queues
Hybrid Operations
Backup
StorSimple
Azure Site Recovery
Import/Export
SQL Database
DocumentDB
Redis Cache
Azure Search
Storage Tables
Data Warehouse
Azure AD Health Monitoring
AD Privileged Identity Management
Operational Analytics
Cloud Services
Batch
RemoteApp
Service Fabric
Visual Studio
App Insights
Azure SDK
VS Online
Domain Services
HDInsight
Machine Learning
Stream Analytics
Data Factory
Event Hubs
Mobile Engagement
Data Lake
IoT Hub
Data Catalog
Security & Management
Azure Active Directory
Multi-Factor Authentication
Automation
Portal
Key Vault
Store/Marketplace
VM Image Gallery & VM Depot
Azure AD B2C
Scheduler
Microsoft Azure
Technology Stack Comparison

Infrastructure Services
Capability | Microsoft Azure | Amazon Web Services
Compute | Virtual Machines | AWS EC2
Networking | Virtual Network, Traffic Manager, Azure DNS, Express Route | Direct Connect, VPC, Elastic Load Balancer, Route 53
Content Delivery | Azure CDN | AWS CloudFront

Data Services
Capability | Microsoft Azure | Amazon Web Services
Database | Azure SQL DB, Azure SQL DataWarehouse | Amazon RDS, Amazon RedShift
Big Data | HDInsight | Elastic Map Reduce
Blob storage | Azure Blobs | Simple Storage Service (S3)
Table storage | Azure Tables, DocumentDB | SimpleDB, DynamoDB
Storage – Drives | Azure Drives | Elastic Block Storage
Hybrid Storage Solutions | StorSimple, Backup Service | AWS Gateway

App Services
Capability | Microsoft Azure | Amazon Web Services
Messaging | Azure Service Bus, Queues, Notification Hubs | AWS SQS, AWS SNS
Caching Service | Azure Cache | AWS Elastic Cache
Management | Management Portal, PowerShell, CLI, System Center 2012 | AWS Management Console, PowerShell, CLI
Monitoring | Diagnostics & Service, Management APIs, SCOM Pack | CloudWatch, Alarm
Authentication & Authorization | Azure Active Directory | Identity & Access Management (IAM)
Development Tools | Toolkit for Eclipse and Visual Studio | Toolkit for Eclipse and Visual Studio
Supported Libraries and SDKs | many | many
App Services | Azure Media Services, Visual Studio Online, RemoteApp | Elastic Transcoder, AWS Workspaces
App Deployment | Automatically handled, PowerShell, Azure Resource Manager | Amazon Elastic Beanstalk, CloudFormation, OpsWorks
Pricing model
Amazon AWS
Free tier for 1 year (limited to some services)
Pay per use
Spot instances
Reserved instances (limited to some services)
Microsoft Azure
1 month trial (limited to 170€)
Pay per use
Monetary commitment
https://azure.microsoft.com/it-it/pricing/free-trial/
https://aws.amazon.com/free/
Access control with AAD
• Manage users and access to cloud resources.
• Extend your on premise Active Directory to the cloud.
• Provide single-sign-on (SSO) across your cloud applications.
• Reduce risks by enabling multi-factor authentication.
• Support development’s need to build secure directory integrated applications for the enterprise.
Microsoft Azure Active Directory
Account Control with Identity and Access Management (IAM)
Securely control access to AWS services and resources
Create and manage user identities
Grant permissions for those users to access your resources
Grant permission for users outside of AWS (“federated users”)
Lets you use existing corporate identities to grant secure access to your resources (e.g. Amazon S3 bucket)
DEMO
- Where do I need to start?
- Portal
- Authentication
- Amazon CLI and Azure CLI and their configuration
- Using the Amazon CLI tool to allocate an IP
Users
Internet
Azure Networking
Azure Virtual Network
Dynamic/Reserved Public IP addresses
Direct VM access, ACLs for security
Load balancing
DNS services: hosting, traffic management
DDoS protection
“Bring Your Own Network”
Segment with subnets and security groups
Control traffic flow with User Defined Routes
Point-to-site for dev / test
VPN Gateways for secure site-to-site connectivity
ExpressRoute for private enterprise grade connectivity
Backend Connectivity
ExpressRoute
VPN Gateways
Layered Security, Protection, and Isolation
[Diagram labels: DDoS Protection; Virtual Network Isolation; NSG; VM Firewall; Cloud Services & Virtual Machines; Internet; ACLs]
DEMO
- VNET Setup on Azure (192.168.132.0/22)
- VPN Gateway on Azure (Dynamic Routing Gateway)
- VPC Setup on Amazon (192.168.128.0/22)
- Internet Gateway on Amazon
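The two address ranges in this demo only work across a routed VPN if they are private and do not overlap. The following check is an added example, not part of the original slides; the site names, the /24 subnet size and the function name are assumptions made for illustration.

```python
import ipaddress

# Ranges from the demo slide; the site names and /24 subnet size are assumptions.
SITES = {"azure-vnet": "192.168.132.0/22", "aws-vpc": "192.168.128.0/22"}


def plan_site_to_site(sites, subnet_prefix=24):
    """Validate address ranges for a routed VPN between sites.

    Returns (plan, summary): per-site subnets and the remote prefixes each
    gateway must send into the tunnel, plus the collapsed covering prefixes.
    Raises ValueError on malformed, public or overlapping ranges.
    """
    # ip_network() rejects CIDRs with host bits set (e.g. 192.168.132.1/22).
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in sites.items()}
    for name, net in nets.items():
        if not net.is_private:
            raise ValueError(f"{name}: {net} is not private address space")
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            # Overlapping ranges make routing between the sites ambiguous.
            if nets[a].overlaps(nets[b]):
                raise ValueError(f"{a} {nets[a]} overlaps {b} {nets[b]}")
    plan = {}
    for name in names:
        plan[name] = {
            "subnets": [str(s) for s in nets[name].subnets(new_prefix=subnet_prefix)],
            "remote_routes": [str(nets[o]) for o in names if o != name],
        }
    # Adjacent ranges collapse into one prefix usable in a single rule or route.
    summary = [str(n) for n in ipaddress.collapse_addresses(nets.values())]
    return plan, summary


if __name__ == "__main__":
    plan, summary = plan_site_to_site(SITES)
    for name, entry in plan.items():
        print(name, entry["subnets"], "-> tunnel routes:", entry["remote_routes"])
    print("covering prefix:", summary)
```

The two /22 ranges are adjacent, so they collapse into one covering prefix that can be referenced from a single firewall rule or route entry on either side.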
Choose a VHD from:
Import from on-premises
Linux, Windows
Pre-configured images
Azure Marketplace
Create your own image
Admin and scale:
Admin via API, Powershell, CLI
Scale as needed
Azure Virtual Machines
What is Amazon Elastic Compute Cloud (Amazon EC2)?
Service
Query API instance (EC2-RunInstances, EC2-TerminateInstances)
Virtual machines
Select a pre-configured Amazon Machine Image (AMI) to get up and running immediately
AWS has no access into your host operating system
Elastic web-scale computing
Scale as needed
Thousands of cores, multiple Availability Zones, global locations
Utility
Pay for only what you use
Computing in the AWS Cloud: Amazon Elastic Compute Cloud
Amazon Machine Image (AMI) provides the information required to launch an instance
Root Volume + Metadata
Choose an AMI from:
Basic Amazon Machine Image (AMI) provided by AWS
AWS Marketplace (http://aws.amazon.com/marketplace)
• Leverage BigIP or NetScaler AMI for load balancer
• SAP
• …etc
Community AMIs
Create your own AMI
• Customize and create your own AMI from a base AMI
VM Import/Export
• Tool to import VM images from your local environment into AWS
Where Does the Operating System Come From?
Virtual Machines types and use cases
Microsoft Azure
A basic: general purpose (Dev/Test, non storage intensive apps)
A standard (medium DBs, biz apps)
A8-A11: compute intensive (HPC, network perf., etc.)
D series: SSD local storage (up to ent. App. Level)
DS series: premium storage (storage optimized)
G: high mem/cpu and local storage
GS: same as G with storage premium
GPU optimized (Private Preview)
Others...
Amazon AWS
T1: low throughput apps
T2: general purpose (Dev/Test, small DBs, etc.)
M3: SSD instance storage (medium DBs, Business APPs)
C4: compute optimized (High-performance apps, video encoding, MMO, Analytics)
R3: memory optimized (in-memory analytics, distributed mem caches)
G2: GPU opt. (server side graphics, game streaming)
I2: storage opt (NoSQL, DW, Scale out OLTP)
D2: MPP DW, HDFS, MapReduce
Others...
DEMO
- Linux server on Azure
- Linux server on AWS (bash script)
- Windows Server on AWS (powershell script, RRAS)
- Security Group config on AWS
• Azure Storage
AWS and Azure Storage
Foundational building block of the Azure cloud
Data offerings: Object storage (Blobs, Files), NoSQL (Tables), Reliable Queues, Persistent Disks
Hybrid storage and backup
• Azure Backup,
• StorSimple
Storage solutions available in the AWS cloud:
Block Storage
• Amazon Elastic Block Store (EBS) and Instance Store
Object Storage
• Amazon S3
• Amazon Glacier
Azure Storage Offerings
Queues: “Reliable messaging at scale for cloud services”
Disks: “Persistent disks for Azure IaaS VMs”
Files: “SMB Access to Azure Storage”
Queues: “Reliable messaging system at scale for cloud services”
• Decouple components and scale them independently
• Scheduling of asynchronous tasks
• Building processes/work flows
• No limits on number of queues or messages
• Message visibility timeout to protect from component issues
• UpdateMessage to checkpoint progress part way through
Disks: “Persistent disks for your Azure IaaS VMs”
• All Azure IaaS VMs – Both OS and data disks
• VHDs are backed to page blobs
• 3 synchronous, strongly consistent copies
• Can stripe disks for more capacity/throughput
• Premium Storage disks allow for scale up workloads
Files: “SMB Access to Azure Storage”
• Lift and shift on-premise applications
• Natively supported by OS APIs, libraries and tools
• Built on SMB2.1, works with Windows and Linux
• No limits on number of shares; 5TB and 1000 IOPS per share
Relating Azure Storage Concepts
[Diagram labels: Subscription; Resource Group; Storage Account; Container; Blob (Block Blob, Page Blob); Table]
Amazon EBS is virtual network-attached block storage
Each volume is like a network-attached virtual hard drive
Amazon EBS volume persists and can be attached to another Amazon EC2 instance
Decoupling the life of your data from the life of your instance
Amazon EBS volume can be re-attached to another Amazon EC2 instance
Multiple volumes can be attached to a single Amazon EC2 instance
What are the Characteristics of Amazon EBS?
Note: Volumes cannot be shared with multiple Amazon EC2 instances
Amazon EBS Types
Attribute | General Purpose (SSD) | Provisioned IOPS (SSD) | Magnetic
Use case | System boot volumes; Virtual desktops; Small to medium-sized databases; Development and test environments | Critical business applications that require sustained IOPS performance above 3000 IOPS; Large database workloads, such as MongoDB, SQL Server, MySQL, PostgreSQL, and Oracle | Cold workloads where data is infrequently accessed; Scenarios where the lowest storage cost is important
Volume size | 1 GiB–16 TiB | 4 GiB–16 TiB | 1 GiB–1 TiB
IOPS Performance | 3 IOPS/GiB (up to 10000 IOPS) baseline, with the ability to burst to 3000 IOPS maximum | Consistently performs at provisioned level, up to 20000 IOPS maximum | 100 IOPS on average with the ability to burst to hundreds of IOPS
Bucket name must be unique and object key must be unique within a bucket
Bucket name + object name (key) = globally unique
Max 1024 bytes UTF-8
Including ‘path’ prefixes
Terminologies: Buckets, Objects, and Keys
Example object key: drafts/rpt.doc
DEMO
- RDP and SSH connection in AWS/Azure
- RRAS configuration (remember to set Source Check to false on the network interface)
- Connect an EBS disk to a Linux instance
Produce and consume large volumes of data
Need instant response times to match modern user expectations
Develop iteratively
Support multiple platforms & versions concurrently
Need query & processing capabilities absent in NoSQL
Experience traffic with extreme highs and lows
DocumentDB is good fit if you …
Capabilities
• Rich SQL queries over schema-less data
  Real-time SQL over JSON documents
  Requires no secondary indices or hints or attributes
• Language Integrated Transactions
  JavaScript as a “modern day T-SQL”
  Multi-document transactions over stored procedures and pre and post-triggers
• Tunable Consistency Levels
  Flexible to trade-off between performance and staleness
  Not just the polar extremes of strong and eventual consistency
• Indexing, storage, tooling
  Automatic document indexing
  Data stored on SSD disks
  JavaScript, Java, Node.js, Python, .NET
• Predictable performance & Pricing
• Elastic database pool for unpredictable SaaS workloads
• Geo-replication and restore services for data protection
• Secure and compliant for your sensitive data
• Almost 100% compatible with SQL Server
• V12 with embedded enterprise features (partitioning, TDE, In-Memory, etc.)
• Third-party RDBMS (e.g. MySQL) via Marketplace
Azure SQL Database
Low latency
SSD-based storage nodes
Latency = single-digit milliseconds
Massive and seamless scalability
No table size or throughput limits
Live repartitioning for changes to storage and throughput
Predictable performance
Provisioned throughput model
Durable and available
Consistent, disk-only writes
Fully managed NoSQL database service – Zero Administration!
Key Characteristics of Amazon DynamoDB
Amazon Relational Database Service (RDS) is a fully managed SQL database service.
Choice of database engines: MySQL, Oracle, Microsoft SQL Server, PostgreSQL, and Aurora
Simple to deploy and scale
Supports multi-AZ deployment for high availability and failover
Reliable and cost-effective
Removes undifferentiated heavy lifting
Why Amazon RDS instead of DIY?
Additional services
• For each of the services that could come up into your mind...
• ...probably there is a service available
RECAP
• Introduction and overview
• Authentication
• Networks
• Virtual Machines
• Storage
• Databases
THANK YOU!
Francesco Diaz
francesco.diaz@insight.com
insight.com
Mobile:
Francesco Delfino
francesco@musixmatch.com
musixmatch.com
Mobile:
@francedit
@delfinof
it.linkedin.it/in/francescodiaz
it.linkedin.it/in/fdelfino