Charles Joy, Michael Greene, Jeff Goldner

Automated Workload Provisioning with the Azure Pack and Windows PowerShell CDP-B353

Intro & expectations

Microsoft Cloud Platform System powered by DellAzure-consistent Cloud in a Box

Dell PowerEdge servers

Dell Storage

Dell Networking

Tightly integrated components

Windows Server 2012 R2, System Center 2012 R2, Windows Azure Pack

Microsoft-designed architecture based on Public Cloud learning

Microsoft-led support & orchestrated updates

Optimized run-books for Microsoft applications

• Pre-deployed infrastructure• Switches, load balancer, storage,

compute, network edge• N+2 fault tolerant (N+1

networking)• Pre-configured as per best practices• Integrated Management

• Configure, deploy, patching• Monitoring• Backup and DR• Automation

• 8000 VM’s*, 1.1 PB of total storage• Optimized deployment and

operations for Microsoft and other standard workloads

Cloud Platform System - CapabilitiesProven solution stack

* VM Topology - 2vCPU, 1.75 GB Ram, 50 GB Disk

SQL ServerSYSTEM CENTER

SMB 3.0 & STORAGE SPACES

HYPER-VHOSTS

HYPER-VNETWORKING

SERVICE MANAGEMENT API

ADMINPORTAL

TENANTPORTAL

Dell PowerEdge Servers

Dell Storage Dell Networking

+ optimized racking and cabling for high density and reliability

Dell Enterprise infrastructure

WINDOWS AZURE PACK

Service Providers or Enterprises acting like Service Providers will use CPS* to host Applications for TenantsWAP is the Tenant Experience for CPSVMRoles are the method for deploying VMs + Application payload in WAPExchange and SharePoint do not support VMRoles for Production Deployments VMRoles are: Single Tier, No Fixed Virtual Disks, etc.

Background and Problem Statement

*CPS is explained in more detail on the next slide.

GoalDeliver Production Supported Microsoft 1st Party Workloads using VMRoles.

ScopeWindows Azure Pack (WAP) Multi-Tier Service based on VMRoles to deploy production-ready Active Directory, Exchange, and SharePoint, leveraging Service Management Automation (SMA) and PowerShell Desired State Configuration (DSC).

Solution Goal / Scope

Experience to create/configure/modify/support these deployment artifacts would need to be pretty advanced (400+) and cover the following:

VMRole creation/modification (VMRAT) SMA Runbook creation/modification (PowerShell Workflow) DSC Configuration/Resource creation/modification (PowerShell DSC)

Technology Experience Level Requirements

demo kickoff

Automated Tenant Provisioning with SMA + VMRole + DSC

The technology

Solution Components

SMA = Automation

DSC = Deployment/Configuration

VMRoles = Provisioning

Leverage VMRoles as the delivery mechanism for DSC, orchestrated by SMA*Leverage DSC as the lowest common denominator for Application Deployment and VM CustomizationLeverage SMA to perform all the pre-requisite tasks for the VMRoles themselves (VMRole dependency, VHD Attach, Network Creation, NAT Rule Creation, Connectivity Verification, etc.)Basically…Everything outside the VM is handled by SMA, everything inside the VM is handled by DSC (unless it is an environmental prerequisite)

Technology / Architecture Decisions

*SMA Runbooks are Invoked by WAP/SPF Events for Subscription.Create and MicrosoftCompute.VMRole.Create

Technology / Architecture Visualization

SMA = Automation

DSC = Deployment/Configuration

VMRoles = Provisioning

The scenario

Tenant ProvisioningInitiated by Subscription to PlanIsolated SDN

NAT Gateways Available for Inbound and Outbound RoutingMulti-VM Service with VMRole Deployment

VMRole Pre-Requisite and Dependency TasksPost Deployment VMRole Tasks

Deployment Notifications

Tenant DeprovisioningInitiated by Subscription DeletionRemoval of all Subscription Resources

SMA Automated Tenant Scenarios

VMRoles Completed

VM Configuration

Started

NAT Rules CreatedFixed Disks

Created/AttachedVMRole Scaled

Application Deployment

Started

Generic Deployment Process / Timeline*

WAP Subscription

Created

VM Network Created

VMRole Deployments

Started

VMRoles Monitored

VMRole Deployment/Scale Completed Notifications

Sent

VM Status Monitored via

NAT GW Endpoint

Application Deployment Completed

Final Notifications

Sent

User SMA DSCKey

No Auto InitiationDIY: Capacity and Availability for all VMRoles

Semi AutoTable Stakes: Isolated Network + AD

Full AutoDedicated Exchange: Everything in Table Stakes + Exchange Roles (MBX and CAS)Dedicated SQL: Everything in Table Stakes + SQL RolesDedicated SharePoint: Everything in Table Stakes + SQL Roles + SharePoint RolesDedicated 1st Party Workloads: Everything in Table Stakes + Exchange Roles + SQL Roles + SharePoint Roles

VMRole Scenarios

The solution

Exch CAS

Exch CAS

SPFE

SPFE

Exch MBX

Exch MBX

SPApp

SPSearch

AD ADSQL (Always

On)

SQL(Always

On)

Exch (CAS+MB

X)SP

AD SQL

Small Collaboration Tile (Dev/Test)

Scalable Collaboration Tile

• VMRoles deployable via WAP (Driven by SMA; Configured by DSC)• Samples provided supporting virtualized Microsoft workloads• Small (single VM) and medium scalable (HA) deployments available

• Suitable for different sized tenants

Workload Sizing Samples

Asynchronous Deployments

Subscription

DC

-Serv

er0

001

DC

-Serv

er0

002

MB

X-

Serv

er0

00

1

MB

X-

Serv

er0

00

2

SQ

L-Serv

er0

00

1

SPA

P-S

erv

er0

002

CA

S-

Serv

er0

00

1

CA

S-

Serv

er0

00

2

SQ

L-Serv

er0

00

2

SQ

W-S

erv

er0

00

3

SPFE

-Serv

er0

00

1

SPFE

-Serv

er0

00

2

SPA

P-S

erv

er0

001

DSC SMA

Creates NetworkDeploys/Monitors VMRoles

Creates Data DisksCreates NAT Rules

Initializes Source Disk / Assigns Drive LetterInstalls Windows Roles & FeaturesInitializes Data Disk / Assigns Drive LetterRuns Workload SetupPerforms Post-Install Configuration

Dedicated Exchange ScenarioDeployment Time ComparisonSmall Tile vs. Medium Tile

Small Tile Medium Tile0:00

0:14

0:28

0:43

0:57

1:12

1:26

1:20

1:00

Time

Sync Deployment

VMRole Single Tier

2VMsMBX = 1x 40GB

Disk Copied

Async Deployment

VMRole + DSC6VMs

MBX = 2x 250GB Disk Created

In ScopeCreate based on VMRole with Extended ParametersExchange Deployment Completion ValidationDAGsCertificates / CAS Public NameVHD Calculations based on user inputOthers…

Future Solution Feature Enhancements

Demo checkin

Automated Tenant Provisioning with SMA + VMRole + DSC

Breakout SessionsCDP-B313 - Leveraging Service Management Automation and Windows PowerShell JEA in Service Provider Operations

CDP-B316 - Best Practices for Deploying and Operating Virtual Machine Manager at Datacenter Scale

CDP-B412 - Datacenter Integration Using Automation in System Center 2012 R2 Orchestrator

CDP-B344 - Introduction to the New Microsoft Azure Automation Service

Related content

Find Me Later At. . .Microsoft Expo Hall (anytime we are not speaking!)

http://aka.ms/BuildingClouds and @OrchestratorGuy / @Building_Clouds

Building Clouds Blog - http://aka.ms/BuildingClouds

PowerShell.org - http://powershell.org

@jsnover - https://twitter.com/jsnover

Windows PowerShellBlog - http://blogs.msdn.com/b/powershell

Azure Automation - http://azure.microsoft.com/blog/tag/azure-automation

System Center Orchestrator Engineering Blog - http://blogs.technet.com/b/orchestrator

Track resources

Come visit us in the Microsoft Solutions Experience (MSE)!Look for the Cloud and Datacenter Platform area TechExpo Hall 7

For more informationWindows Server Technical Previewhttp://technet.microsoft.com/library/dn765472.aspx

Windows Server

Microsoft Azure

Microsoft Azurehttp://azure.microsoft.com/en-us/

System Center

System Center Technical Previewhttp://technet.microsoft.com/en-us/library/hh546785.aspx

Azure Pack Azure Packhttp://www.microsoft.com/en-us/server-cloud/products/windows-azure-pack

Resources

Learning

Microsoft Certification & Training Resources

www.microsoft.com/learning

Developer Network

http://developer.microsoft.com

TechNet

Resources for IT Professionals

http://microsoft.com/technet

Sessions on Demand

http://channel9.msdn.com/Events/TechEd

Azure

Implementing Microsoft Azure Infrastructure Solutions

Classroomtraining

Exams

+

(Coming soon)Microsoft Azure Fundamentals

Developing Microsoft Azure Solutions

MOC

10979

Implementing Microsoft Azure Infrastructure Solutions

Onlinetraining

(Coming soon)Architecting Microsoft Azure Solutions

(Coming soon)Architecting Microsoft Azure Solutions

Developing Microsoft Azure Solutions

(Coming soon)Microsoft Azure Fundamentals

http://bit.ly/Azure-Cert

http://bit.ly/Azure-MVA

http://bit.ly/Azure-Train

Get certified for 1/2 the price at TechEd Europe 2014!http://bit.ly/TechEd-CertDeal

2 5 5MOC

20532

MOC

20533

EXAM

532EXAM

533EXAM

534

MVA MVA

Please Complete An Evaluation FormYour input is important!TechEd Schedule Builder CommNet station or PC

TechEd Mobile appPhone or Tablet

QR code

Evaluate this session

© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.