Windows Azure Pack lets you deploy, within your own datacenters, services similar to those available today on Azure: Web Site Cloud, VM Cloud, Service Bus Cloud, SQL Server, MySQL Server. In this session we will present in detail the capabilities Windows Azure Pack offers for managing virtual machine clouds.
Speakers: Christophe Dubos (Microsoft), Fabrice Meillon (Microsoft), Emmanuel Torchy (Microsoft France)
Everything you always wanted to know about Windows Azure Pack but were afraid to ask
2. Everything you always wanted to know about Windows Azure Pack
Fabrice Meillon, Christophe Dubos
%Insert_pompous_titles_here%
Microsoft France
Infrastructure, communication & collaboration
3. Agenda
• Introduction
• What deployment scenarios for Windows Azure Pack?
• WAP: main characteristics of the architecture and the service model
• Questions / Answers
• Advanced scenarios and extensibility: how to go further with WAP?
#mstechdays
4. WINDOWS AZURE PACK
What is it and what is it for?
9. Services for users
• Platform and applications: Web Platform as a Service (PaaS)
• Infrastructure as a Service (IaaS)
• Azure messaging service
• SCVMM virtual networks
• SQL Server and MySQL
10. WAP - WHAT ARCHITECTURE?
Functional architecture and technical architecture
12. Technical architecture
• Service Management API
• Service Provider Foundation
• Virtual Machines
• Virtual Machine Manager
• Microsoft System Center 2012 R2
• Windows Server 2012 R2
13. Deployment modes
• Express
– Simple/fast
– All components deployed on a single server (portal, APIs, backend services, databases)
– Intended for lab or demo environments
• Distributed
– Production environments
– Offers deployment flexibility suited to the needs and constraints of each environment
– Performance and scalability, security, availability
14. Express mode deployment
• All services/APIs and the portal deployed within a single VM
• For mock-ups or non-production use
15. Distributed mode deployment
• Separation of components for increased security
• Integration with federation services to use different identity providers
• Increased number of servers for greater scalability / availability
18. User portal - Web sites
• Deployment of “scalable” web applications
• Real-time application management
• Telemetry
• “One-click” scaling
• Support for .NET, Node.js, PHP, Python
• Integration with source control tools
19. User portal - Service bus
• Messaging service for cloud applications hosted in Azure
• Guaranteed message delivery
• Based on a publish-subscribe model
• Based on standard protocols (REST, AMQP, WS*)
• Interoperability (.NET, Java/JMS, C/C++)
• Integrated into the administration portal
20. User portal - Virtual machines
• IaaS model similar to that of Windows Azure
• User interface & API
• Virtual Machine Roles
• Portable
• Elasticity
• Gallery
• Support for Windows and Linux
• Virtual networks
• Site-to-site connectivity
• IP addresses supplied by the user
21. User portal - Additional services
• Identity services
– Active Directory
– ADFS Federation
– Co-administrators
• Database services
– SQL Server
– MySQL
• Provider-specific services
• Programmatic access to cloud services
– Windows Azure REST APIs
23. Service providers - Administration
• Offer services to users through plans
• Provide add-ons to subscriptions
• Manage subscriptions
• Administer services
• Extend and adapt
24. Service providers - Automation
• Optimization and extension of services through runbooks
• PowerShell workflows
• Runbook editing through a web interface
• Runbooks managed as jobs
• Integration with other systems and System Center
25. Service providers - Usage and reporting
• Continuous usage tracking for each subscription of each tenant
• Per-subscription billing API
• IaaS data warehouse
• Server inventory reports
26. Services for users
• Platform and applications: Web Platform as a Service (PaaS)
• Infrastructure as a Service (IaaS)
• Azure messaging service
• SCVMM virtual networks
• SQL Server and MySQL
27. Windows Azure Pack - Extensibility
• Platform and applications: Web Platform as a Service (PaaS)
• Infrastructure Services (IaaS)
• Azure messaging service
• SCVMM virtual networks
• SQL Server and MySQL
• Your own service
28. IN CONCLUSION
29. Azure / Azure Pack: consistent user interfaces
[Diagram. Labels: Customer, Service Provider; Windows Azure; self-service user portal (Web Sites, Apps, Database, VMs); provider portal (Service Plans, Users); Common Mgt. Experience; Windows Azure services (Cloud Services, Web Sites, VMs, SQL, Service Bus, Cache, CDN, Media, other services); Cloud-Enabled Services moved on-premises (Web Sites, VMs, SQL, Service Bus, future services); R2 w/ Service Provider Foundation; Workload Portability; Consistent Dev. Experience.]
30. Service providers / Service consumers
Service providers: offer and administer services that are delivered to consumers
• Very strong focus on costs
• Rapid deployment
• Integration with Hyper-V & System Center
• Native automation
• Maximizes user autonomy
• Differentiation of offerings through SLAs
• Extensibility
Service consumers: consume the service provider’s infrastructure and applications as ready-to-use solutions
• Self-service administration
• Capacity acquired on demand
• Ability to carry out operations autonomously
• Predictable costs
• Rapid availability
In this section we’re going to take a look at how enterprises and service providers can offer a consistent experience, but I want to start with how Windows Azure works.
Windows Azure subscribers (let’s call them customers) access the public cloud through a website, known as the management or customer portal. Basically, this portal is the gateway to a wide range of IT services that are delivered on top of the compute, storage, and network resources found in Microsoft datacenters around the world. Now, at each of these datacenters, there are Microsoft IT administrators who manage resources, allocate those resources to the various services being provided, and manage customer subscriptions. In addition, they bill customers for the services consumed.
For the customer, everything is taken care of, so they get the services they need almost instantly. For instance, a developer could provision a test environment in minutes, a far shorter time than many face in their enterprise environments.
Now let’s take a look at how this translates to an enterprise or service provider datacenter. You can see it looks exactly the same. The only difference is that it’s on-premises, rather than in the cloud.
Who are the customers? Well, if you’re a service provider, they’re the customers who pay you to provide IT services. If you’re an enterprise, they’re the employees who consume IT services.
Within your datacenter, your administrator performs the exact same functions as in the Microsoft datacenters that Windows Azure uses. He or she configures and defines the resources that support your customers and manages access to services. Admins can also monitor services consumed, so that service providers can price and bill, and enterprises can charge users, departments, or divisions.
Let’s take a look at IT administrator tools, the same tools that Microsoft administrators have for Windows Azure. Just as customers get a consistent experience through the Customer Portal, IT administrators get their own dedicated portal too.
The admin portal provides a range of management capabilities:
• Administrators can build resource clouds, which define the compute, storage, network, and other resources that provide the underpinning of each of the customer services.
• Administrators can automate services by creating PowerShell ‘runbooks’ that define a range of processes that should execute under specific circumstances. This automation reduces the need for human intervention, which can help drive down the cost of managing the cloud.
• Administrators can define pricing structures associated with customer services for billing.
• Administrators get Tenant Management: the administrative tasks associated with managing customer user accounts and reporting against activity.
• Administrators can establish hosting plans, which are various combinations of services, resource clouds and quotas, which can then be made available to specific groups of customers who can subscribe to them.
So how do you get from where you are now to this model? After all, it’s a huge shift from traditional provisioning.
Here’s how: the Windows Azure Pack.
Windows Azure Pack for Windows Server is a collection of Windows Azure technologies, available to Microsoft customers at no additional cost for installation into your datacenter. It runs on top of Windows Server 2012 R2 and System Center 2012 R2 and, through the use of the Windows Azure technologies, enables you to offer a rich, self-service, multi-tenant cloud, consistent with the public Windows Azure experience.
That’s the long version. Here’s the short one. WAP is a free download that puts Azure in your datacenter.
Customer Portal
The first component we’ll talk about here is the customer or ‘management’ portal. In Windows Azure this is also known as the “Developer Portal” and it’s the familiar, self-service interface that every subscriber uses to provision and manage services such as web sites and virtual machines.
Service Management API
Underlying the customer (and admin) portal is an OData REST API known as the Service Management API. This provides access to the underlying services and enables automation and replacement of the supplied management portal, opening up the possibility of integrating with existing portals or technology from partners such as Parallels. The API also enables integration of additional service modules and other solutions such as customer billing. The Service Management API is an extensible REST-based API that will enable enterprises and service providers to integrate their existing systems and tools (e.g. customer portals at a service provider) with these new services. Key to enabling enterprise adoption is portal/API integration with Active Directory.
Web Sites Service
The Web Sites service provides a high-density multi-tenant web hosting service, one of the most fundamental services any service provider needs to provide, and at the lowest cost possible. A broad range of programming languages and template web applications is also supported, as well as integration with developer tools and popular source control repositories. Web Sites enables high-density, secure web hosting offerings for service providers and enterprise IT.
Virtual Machines Service
The Virtual Machines service enables self-service provisioning of Infrastructure-as-a-Service (also known as IaaS) capabilities, enabling a high-quality self-service experience to provision and manage VMs. This is equivalent to renting a virtual server on which the tenant can install their own operating system and administer the server themselves.
This includes a standardized VM gallery for consistent workload deployment and hosting. We will be delivering a consistent gallery of VM templates (single-VM and multi-VM tiers) for Windows Server and Windows Azure environments. The goal here is to enable uniform IaaS services across these contexts, including consistent VM lifecycle management from a provisioning and operations standpoint.
Service Bus Service
The Service Bus service is a technology to enable messages to be passed between applications where a synchronous hand-off is not possible but the sender needs assurance that the message will reach the recipient eventually. Applications may be within the same cloud, across clouds, between clouds and devices, or in many other supported scenarios. The Service Bus service supports a 1-to-1 queue and a publish-subscribe, many-to-many, topic-based service.
Virtual Networks
Virtual networks enable the creation of tenant-specific IP address schemes independent of the actual IP infrastructure on which they depend. This means that tenant VMs can be migrated to the cloud without the need to reconfigure IP address schemes or the risk of colliding with other tenants’ IP addresses and the security concerns therein.
Database
The Windows Azure Pack also supports SQL and MySQL servers in a Database-as-a-Service model for tenants. This capability is available to web applications in the Web Sites service or more generally to applications.
Administrators create the environment in which tenants operate. Administrators own the resource clouds that eventually support tenant services. Administrators also create one or more plans, which define the package of services for tenants and set quotas and add-ons. A tenant subscribes to one or more plans before provisioning services against a specific plan. The plan defines which resource cloud the service provisions resources from and enforces quotas on maximum usage, offering add-on options where configured.
Windows Azure Pack delivers IaaS powered by System Center 2012 R2 and Windows Server 2012 R2. The Service Management API integrates with the System Center 2012 R2 Service Provider Foundation API.
Service Provider Foundation is provided with Microsoft System Center 2012 Orchestrator, a component of Microsoft System Center 2012 Service Pack 1 (SP1). Service Provider Foundation exposes an extensible Open Data Protocol (OData) API over a Representational State Transfer (REST) web service that interacts with components of System Center. This enables service providers and large enterprise organizations to design and implement multi-tenant self-service portals that integrate IaaS capabilities available through Microsoft System Center 2012 SP1.
Feature: Description
• VM Management: Create, update, and operate VMs.
• Virtual Machine Roles: Deploy, update, and operate VMM services. Scale-out within VM tiers.
• Self-service VM networks: Create, update, and use self-service VM networks.
• Self-service Tenant Administration: Tenant admin manages access to hosted IaaS cloud. Tenant admin configures and manages self-service user roles.
• Enterprise identity for SPF: Tenants can authenticate and authorize using corporate identity.
• Extensibility for hosted cloud API: Extensible REST OData API surface. Use runbooks to customize processes driven through SPF API.
Whether you’re an enterprise or a service provider, Windows Azure Pack has built-in extensibility to ensure that you can integrate it into your existing systems for maximum convenience.
Active Directory Federation Services (ADFS) integration ensures that existing enterprise users can authenticate in the Management Portal without the creation of a new user database.
The OData REST API that supports the Management Portal enables replacement of some or all of the capabilities of the supplied portal by an existing customer portal. Administrative functions are also exposed through the same API for automation or integration into a custom admin portal.
For billing or chargeback, usage data is also available through the Management Portal API for integration into in-house or third-party billing vendors’ solutions, some of which have already built Windows Azure Pack integration.