Windows Azure Virtual Machines
DESCRIPTION
Overview of Windows Azure Virtual Machines - the IaaS offering in the Windows Azure platform. The presentation covers the compute, storage and network features of Virtual Machines. It also describes how best to deploy Windows Azure cloud services and VMs.
TRANSCRIPT
WINDOWS AZURE VIRTUAL MACHINES
Neil Mackenzie
Satory Global, LLC
Who Am I
• Neil Mackenzie
• Windows Azure Lead – Satory Global
• @mknz
• http://convective.wordpress.com
• Author: Microsoft Windows Azure Development Cookbook
• Microsoft MVP for Windows Azure
Agenda
• Windows Azure Overview
• Compute
• Connectivity
• Deployment
WINDOWS AZURE OVERVIEW
Windows Azure
• Microsoft’s public cloud platform
• Global availability
• Scale-out performance model
• Per-minute billing
• Pay-as-you-go, commitment discounts, Enterprise Agreement
• Paid support
Global Availability (Datacenters)
• North America
  • US East, US West, US North Central, US South Central
• Europe
  • West Europe (Amsterdam), North Europe (Dublin)
• Asia
  • East Asia (Hong Kong), South East Asia (Singapore)
  • Announced: Japan East (Tokyo), Japan West (Kansai)
• China (Behind Great Firewall)
  • Beta: Shanghai
• Australia
  • Announced: New South Wales, Victoria
Compute Options
• Cloud Services
  • PaaS
  • IaaS (Virtual Machines)
• Windows Azure Web Sites
COMPUTE
Cloud Service
• Container for a scalable collection of related VMs
  • VMs can be heterogeneous (different sizes and OS)
• Cloud service has a single public IP address (VIP)
  • VIP is stable as long as there is a VM deployed into the service
  • VIP exists even if there is no public endpoint declared
• Multiple cloud services can be aggregated using a VNET
  • Each cloud service has its own VIP
  • VMs can access each other through the VNET
Windows Azure Virtual Machines
• VM
  • Various instance sizes
    • Compute, RAM, # attached disks
  • Disks are fixed-format VHDs
  • Autonomic self-healing
    • VM moved automatically if fabric controller detects failure of physical server
• Virtualization
  • Hyper-V
  • Microsoft manages Host OS
  • Customer manages Guest OS
  • Virtual layer metrics (CPU, I/O, etc.) exposed to Windows Azure
Management Portal
VM Images
• Gallery Images:
  • Windows Server 2008 R2, 2012
  • Linux (CentOS, Ubuntu, SUSE, openSUSE)
  • SQL Server, BizTalk Server, SharePoint, …
  • Oracle (WebLogic, Java, …)
• VM Depot
  • Pre-configured OSS servers
• Custom Images
  • Upload images created on-premises
    • Fixed-format VHD
Instance Sizes
VM Size            Cores    Memory (GB)   Max Disks   Max IOPS
Extra Small        Shared   0.768         1           1*500
Small              1        1.75          2           2*500
Medium             2        3.5           4           4*500
Large              4        7             8           8*500
Extra Large        8        14            16          16*500
High Memory (A5)   2        14            4           4*500
High Memory (A6)   4        28            8           8*500
High Memory (A7)   8        56            16          16*500
Disks
• Each VM comes with two disks:
  • OS disk: durable - persisted as page blob in Windows Azure Blob Storage (c:)
  • Temp Disk: ephemeral – hosted on the VM (d:)
• Additional data disks may be attached
  • Two 1TB disks per core
  • 500 IOPS per disk
  • Durable – persisted as page blob in Windows Azure Blob Storage
  • For HA, each disk has 3 local replicas and (optionally) 3 remote replicas
• Caching
  • Read/write – default for OS disk
  • None – default for attached data disks
Data Path for Disks
Source: http://bit.ly/18HLobl
High Availability
• Availability Set
  • Fault domain
  • Upgrade domain
  • Each VM has an associated fault domain and upgrade domain
  • 99.95% SLA when two or more VMs deployed in an availability set
• Fault Domain
  • Avoids single point of failure (“different racks”)
• Upgrade domain
  • Host OS upgrades happen one upgrade domain at a time
Deployment Options
• Windows Azure Management Portal
• Scripting
  • PowerShell
  • Cross-platform CLI
• Windows Azure Service Management REST API
• System Center
• RightScale
• Chef
CONNECTIVITY
Connectivity Options
• Virtual Network (VNET)
  • Private network
  • Hosts one or more cloud services
  • Provides network integration for PaaS and IaaS cloud services
• VPN
  • Windows Azure Gateway hosted in a VNET
  • Site-to-Site (IT Admin)
  • Point-to-Site (developer)
Network Topology
• VNET
  • Subnets
  • VPN Gateway
    • Point-to-site VPN
    • Site-to-Site VPN
• DNS must be provided for name resolution in a VNET
• Cloud service
  • Single public VIP
  • Static as long as at least one VM is deployed in the cloud service
• VM
  • Single NIC
  • DIP allocated on a permanent lease - as long as VM deployed
Security
• Windows Azure load balancer
  • Ingress – allows only traffic on endpoints specified for VMs
  • Egress – allows all traffic
• Protocols
  • TCP, UDP only
  • ICMP is NOT supported for ingress (i.e., ping does not work)
• Firewall
  • Full control of firewall on each VM
• VNET is a security boundary
• Cloud service is a security boundary when not in a VNET
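Because ICMP is not supported for ingress, whether a declared endpoint is reachable has to be checked with a TCP handshake rather than ping. The following Python is an added example, not part of the original slides; the function names and the loopback listener standing in for a cloud service VIP are assumptions. It compares the ports that actually answer with the endpoints the service is meant to expose.

```python
import socket


def tcp_probe(host, port, timeout=2.0):
    """Return True if a TCP handshake to host:port completes within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, filtered (timeout) or unreachable
        return False


def audit_endpoints(host, declared, candidates=(), timeout=2.0):
    """Compare ports that answer on host with the declared endpoint list.

    declared   -- public TCP ports the service is meant to expose
    candidates -- extra ports to test, e.g. 3389 (RDP) or 22 (SSH)
    """
    declared = set(declared)
    tested = declared | set(candidates)
    reachable = {p for p in tested if tcp_probe(host, p, timeout)}
    return {
        "ok": sorted(reachable & declared),
        "unexpected": sorted(reachable - declared),   # open but not declared
        "unreachable": sorted(declared - reachable),  # declared but silent
    }


def demo():
    """Constructed demo: a loopback listener stands in for the service VIP."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(5)
    open_port = listener.getsockname()[1]
    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()  # nothing listens on this port any more
    try:
        return open_port, closed_port, audit_endpoints(
            "127.0.0.1", declared=[closed_port], candidates=[open_port])
    finally:
        listener.close()


if __name__ == "__main__":
    print(demo())
```

UDP endpoints need an application-level request and reply to verify, since UDP has no handshake to complete.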
DEPLOYMENT
Cost
• Compute
  • Windows: 9 cents / hour / core
  • Linux: 6 cents / hour / core
  • Per-minute billing
  • No charge for de-allocated VMs
• Storage
  • 7 cents / GB / month (locally redundant)
  • 10 cents / million storage operations
  • Note that VHDs are stored in page blobs which are sparse (billing only for used space)
• Egress
  • 60 cents / 10GB
Affinity Group
• Co-location feature inside a datacenter
  • Compute
  • Storage
  • VNET
• Mandatory for VNET
• Provides improved performance for integrated compute and storage
Workflow for Creating a Cloud Service
• Create an affinity group in a specific datacenter
  • Provides a logical name for a part of the datacenter
  • Provides lower latency between compute and storage
• Create a storage account in the affinity group
• Create a VNET in the affinity group
• Create a cloud service in the VNET
Workflow for Creating a VM
• Create a VM in the cloud service
  • Select instance size
  • Select OS image or existing VHD
  • Add endpoints (if desired)
    • Load balanced / port forwarded
  • Create/add VM to availability set (if desired for HA)
  • Add one or more data disks (if desired)
Workflow for Creating VM Image
• Create VM in a cloud service
• Install and configure required software
• Windows VM - RDP in and invoke %windir%\system32\sysprep.exe
• Linux VM - SSH in and invoke: sudo waagent -deprovision
• On the portal, Capture the image
  • Automatically deletes the VM
%windir%\system32\sysprep
Creating Composite Applications
• Multiple cloud services
  • IaaS
  • PaaS
• On-Premises
  • Site-to-Site VPN
Summary
• Windows Azure Platform
  • Compute
  • Storage
  • Connectivity
  • Services
• Windows Azure Virtual Machines
  • Powerful IaaS offering
  • Full control over servers
  • Windows and Linux VMs
  • Deploy pre-configured Windows Servers, Oracle servers, and OSS servers
  • Cost effective