3 Build It - Introduction To IaaS


Azure Boot Camp

Build It! Session 1


CONTOSO ADS – BUILD IT!
The first step in Contoso’s journey is to
get the new application code to a place
where it can be consumed and start
making you, the owner of Contoso,
some money!

This module will focus on the core concepts of the Azure Infrastructure as a Service Offering. These concepts will assist you in building out the Contoso Ads Application.

1 BUILD IT AND GET OUT TO MARKET
Introduction to Azure
IAAS
Overview of IAAS

SLIDE 4 MICROSOFT CONFIDENTIAL – FOR INTERNAL USE ONLY


What is “the cloud”?
• Characteristics
- On demand Self Service
- Multi-Tenancy (Resource Pooling)
- Pay as you go
- Rapid Elasticity
- Metered Real-time Billing
- Charge Back

• Deployment Models
- Public
- Private
- Hybrid
- Hosted

IaaS Providers, PaaS Providers, SaaS Providers

Cloud Service Models

Organizations are moving to the cloud…

• 95% of organizations are using some form of cloud
• 72% are using a “Hybrid Cloud”
• 36.8% growth of IaaS from 2016 to 2017 to $34.6 billion

https://assets.rightscale.com/uploads/pdfs/RightScale-2017-State-of-the-Cloud-Report.pdf
http://www.gartner.com/newsroom/id/3616417

Introduction to Azure
IAAS
IaaS Use Cases

Common Reasons for IaaS
Lift n’ Shift

Rehost: Lift and shift
Refactor: DevOps and Containers
Redesign: Modernize apps with PaaS
Rebuild: Cloud native
Replace: 3rd party SaaS

Contoso Ads Scenario
Lift n’ Shift

Other Common Reasons for IaaS
Security, Application or Policy Requirement

Security: Companies/agencies with very specific security practices and policies
Control: There is a specific reason to interact/modify/control Operating System behavior
Policy: Vendor and technology lock-in objections

Introduction to Azure
IAAS
Compute and Virtual Machines



Azure Virtual Machines compatibility with Hyper-V Virtual Machines
• Support for Generation 1 Virtual Machines
• Storage
- Support for VHD fixed format only (no VHDX)
- 2 TB Maximum Size of OS Disk
- 4 TB Maximum Size of a Data Disk
- Maximum of 64 data disks
- 256 TB of disk space
• Performance
- Up to 128 vCPUs

IAAS VM Compute Tiers (“VM Sizes”)
GENERAL PURPOSE (B (Preview), Dsv3, Dv3, DSv2, Dv2, DS, D, Av2, A0-7)
Balanced CPU-to-memory ratio. Ideal for testing and development, small to medium databases, and low to medium traffic web servers.

COMPUTE OPTIMIZED (Fs, F)
High CPU-to-memory ratio. Good for medium traffic web servers, network appliances, batch processes, and application servers.

MEMORY OPTIMIZED (Esv3, Ev3, M, GS, G, DSv2, DS, Dv2, D)
High memory-to-CPU ratio. Great for relational database servers, medium to large caches, and in-memory analytics.

STORAGE OPTIMIZED (Ls)
High disk throughput and IO. Ideal for Big Data, SQL, and NoSQL databases.

GRAPHICS OPTIMIZED (NV, NC, NCv2, ND)
Specialized virtual machines targeted for heavy graphic rendering and video editing. Available with single or multiple GPUs.

HIGH PERFORMANCE COMPUTE (H, A8-11)
Our fastest and most powerful CPU virtual machines with optional high-throughput network interfaces (RDMA).

New versions tend to indicate new generations of CPU or GPU

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes
Azure Server Generations

Gen 2 Gen 3 HPC Gen 4 Godzilla Gen 5.1 GPU Gen 5 Beast
Processor 2 x 6 Core 2.1 GHz Processor 2 x 8 Core 2.1 GHz Processor 2 x 12 Core 2.4 GHz Processor 2 x 12 Core 2.4 GHz Processor 2 x 16 Core 2.0 GHz Processor 2 x 20 Core 2.3 GHz Processor 2 x 8 Core 2.6 GHz Processor 4 x 18 Core 2.5 GHz

Memory 32 GiB Memory 128 GiB Memory 128 GiB Memory 192 GiB Memory 512 GiB Memory 512 GiB Memory 256 GiB Memory 4096 GiB

Hard 5 x 1 TB Hard Drive 1 x 2 TB


Hard 6 x 500 GB Hard 1 x 4 TB Hard 4 x 2 TB Hard Drive None Hard Drive None Hard Drive None
Drive
Drive Drive Drive
SSD 1 x 960 GB SATA
SSD None SSD 6 x 960 GB PCIe Flash SSD 4 x 1920 GB NVMe and
SSD None SSD 5 x 480 GB SSD 4 x 480 GB SSD 9 x 800 GB and 1 x 960 GB SATA 1 x 960 GB SATA
NIC 40 Gb/s
NIC 10 Gb/s IP, 40 Gb/s
NIC 1 Gb/s NIC 10 Gb/s IB NIC 40 Gb/s NIC 40 Gb/s NIC 40 Gb/s + FPGA GPU 2 x 2 Compute GPU NIC 40 Gb/s

Azure Marketplace – Virtual Machine images
• Preconfigured VM Solution images
• From both Microsoft and 3rd party vendors
• Ready-to-deploy
• Licensed through Azure billing, or often supporting Bring Your Own License (BYOL)

Introduction to Azure
IAAS
IaaS Components



Building Blocks of Azure IaaS
IaaS Components and Resource Groups

• Virtual machines, Availability sets, Scale sets…
• Storage accounts, disks…
• Network interfaces, Virtual networks, Network security groups…

Azure Resource Group

Introduction to Azure
IAAS
Virtual Machines - Storage

Azure Virtual Machine Disks Storage
• Virtual Machine OS and Data Disks exist within the Azure Storage service
• Resource or temporary disk exists in hypervisor local storage
• Up to 2 TB OS disks
- Most Azure Images have System volumes that range from 30GB to 127GB
• Up to 4TB Data Disks
- Non-OS Volumes larger than 4TB can be created via OS Supported Software RAID

Beware: Data on the D:\ Drive can/will be lost when a machine is moved or deallocated

Storage Disk Types

Standard Storage (HDD-based)
IOPS and throughput of Standard Disks are not provisioned. The performance of standard disks varies with the VM size

Standard Storage (SSD-based)
500 (E10) to 2,000 (E80) IOPS per disk depending on size and SKU

Premium Storage (SSD-based)
120 (P4) to 20,000 (P80) IOPS per disk depending on size and SKU
Select this link to see premium storage performance targets and limits...

Azure Managed Disks
Simple - Abstracts storage accounts from customers
Just manage the disks. Underlying storage accounts managed by the platform
• Optional, but recommended
• Supports both Standard and Premium Storage disks
• Storage Account IOPS limits do not apply
• More granular RBAC support
- Grant/deny access to operations, such as read, delete, export and retrieving a Shared Access Signature
• Disk Snapshots (full disk copy)
- Read-only copy of a disk at a point in time.
- Independent of source disk; use to create new managed disks
• Supported with Azure Backup
• Big scale - 1000s of disks per region per subscription

Introduction to Azure
IAAS
Virtual Machine Networking

Virtual Machine Networking Overview

• IPv4 and IPv6 Support
• Support for multiple network interfaces for routing and firewalls
• Private and/or Public IP addresses (static or dynamic)
• Network Security Groups for traffic isolation
• Automatic assignment of DNS servers from virtual network or from Azure DNS
• Accelerated Networking
• MAC Persistence

Azure Virtual Machine Networking Aspects

• Azure Region
• Virtual Network
• Subnets
• Network Security Groups
• Network Interface Cards
• Load Balancers
• VPN Gateway

Contoso Ads Network for Lab 1
PROD-VNET: 10.0.0.0/16
- APPS subnet: 10.0.0.0/24
- Data subnet: 10.0.1.0/24

• Virtual Network
• Subnets
• Network Interface Cards
• Network Security Groups (NSG): Permit or Deny, based on rulesets created
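
One way to express the lab network's permit/deny rulesets with the AzureRM cmdlets this deck uses, as an added example that is not part of the original slides. The resource group, region, NSG and rule names, and TCP 1433 as the Data tier port are assumptions; the VNet name, subnet names and prefixes come from the slide.

```powershell
# Added example. Assumed (not from the slides): resource group, region,
# NSG/rule names, and TCP 1433 as the port the Data tier listens on.
$rg  = 'ContosoAds-RG'
$loc = 'eastus'

# APPS subnet: only web traffic from the Internet reaches the web server.
$http = New-AzureRmNetworkSecurityRuleConfig -Name 'Allow-HTTP-In' `
    -Access Allow -Direction Inbound -Priority 100 -Protocol Tcp `
    -SourceAddressPrefix Internet -SourcePortRange '*' `
    -DestinationAddressPrefix '10.0.0.0/24' -DestinationPortRange '80'
$https = New-AzureRmNetworkSecurityRuleConfig -Name 'Allow-HTTPS-In' `
    -Access Allow -Direction Inbound -Priority 110 -Protocol Tcp `
    -SourceAddressPrefix Internet -SourcePortRange '*' `
    -DestinationAddressPrefix '10.0.0.0/24' -DestinationPortRange '443'

# Data subnet: only the APPS subnet may connect, and only on the database port.
$dbFromApps = New-AzureRmNetworkSecurityRuleConfig -Name 'Allow-DB-From-APPS' `
    -Access Allow -Direction Inbound -Priority 100 -Protocol Tcp `
    -SourceAddressPrefix '10.0.0.0/24' -SourcePortRange '*' `
    -DestinationAddressPrefix '10.0.1.0/24' -DestinationPortRange '1433'

# The built-in AllowVnetInBound rule (priority 65000) would otherwise let any
# host in PROD-VNET reach the Data subnet, so deny the rest explicitly.
$denyVnet = New-AzureRmNetworkSecurityRuleConfig -Name 'Deny-VNet-In' `
    -Access Deny -Direction Inbound -Priority 4000 -Protocol '*' `
    -SourceAddressPrefix VirtualNetwork -SourcePortRange '*' `
    -DestinationAddressPrefix '10.0.1.0/24' -DestinationPortRange '*'

$appsNsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName $rg -Location $loc `
    -Name 'APPS-NSG' -SecurityRules $http, $https
$dataNsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName $rg -Location $loc `
    -Name 'Data-NSG' -SecurityRules $dbFromApps, $denyVnet

# Attach each NSG at the subnet level so every NIC placed there inherits it.
$vnet = Get-AzureRmVirtualNetwork -ResourceGroupName $rg -Name 'PROD-VNET'
Set-AzureRmVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name 'APPS' `
    -AddressPrefix '10.0.0.0/24' -NetworkSecurityGroup $appsNsg | Out-Null
Set-AzureRmVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name 'Data' `
    -AddressPrefix '10.0.1.0/24' -NetworkSecurityGroup $dataNsg | Out-Null
$vnet | Set-AzureRmVirtualNetwork | Out-Null
```

No RDP rule is included, so management access needs its own rule scoped to a known source address rather than to Internet.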

Introduction to Azure
IAAS
Virtual Machines - Deployment

Deploying Azure Virtual Machines

1. Azure Management Portal

2. Command Line

PowerShell
New-AzureRmVM -ResourceGroupName $rg -VM $vm ...

CLI
az vm create --resource-group myResourceGroup --name myVM --image win2016datacenter --admin-username azureuser --admin-password myPassword12

3. SDK
Console.WriteLine("Creating virtual machine...");
azure.VirtualMachines.Define(vmName)
    .WithRegion(location)
    .WithExistingResourceGroup(groupName)
    .WithExistingPrimaryNetworkInterface(networkInterface)
    .WithLatestWindowsImage("MicrosoftWindowsServer",
    ...

4. API
"OSDisk": {
    "EncryptionSettings": null,
    "OperatingSystemType": "Windows",
    "Caching": "ReadWrite",
    "CreateOption": "FromImage",
    ...

5. Templates

Scaling IaaS Workloads

• Scale up/down
- Not automated by design (requires a reboot) as part of the auto-scale rules, but can be scripted with PowerShell
- Scale up/down within the VM family. Scaling outside VM family requires deallocating the VM
- Cannot scale down if you have more data disks attached than the lower size supports or if the instance size is not supported in the cluster your cloud service is created in
• Scale out/in
- VM Scale Sets allow manual or auto scale both in and out

Diagram labels: Scale Up, Scale Down, Scale out, Scale in

Virtual Machine Scale Sets
• Used for building large-scale and/or scalable services targeting:
- big compute
- big data
- containerized workloads
• Recommended approach
• Scale Set VMs are configured identically
• Custom images supported but limited to the same storage account
• Integrates with Virtual Networks, Load Balancers and Network Security Groups
• Not only for large scale (most are 2-10 VMs)

Diagram labels: 1 VM, 1000 VMs, ATTACHED DATA DRIVES USING MANAGED DISKS

Introduction to Azure
IAAS
Virtual Machines - Configuration

Virtual Machine Extensions
Extensions by Microsoft & third party

• Extensibility points for Azure Virtual Machines
- Security
- Configuration Management
- Access Control
- Many Others
• Execute from the portal, script, or as part of an ARM template.

Virtual Machine Extensions
Desired State Configuration (DSC)

In today’s Lab we’ll use DSC to configure our Web Server to the desired state

• Desired State Configuration:
- Install the IIS feature
- Install the ASP.NET 4.5 feature
- Install applications required to meet our desired state (Contoso Ads)

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/extensions-dsc-overview
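
A DSC configuration covering the three desired-state items listed above, as an added example that is not the lab's own script. The configuration name, the package path and the destination folder are hypothetical, and the application package is assumed to be staged on the VM already.

```powershell
# Added example: desired state for the Contoso Ads web server.
# Hypothetical names: ContosoAdsWeb, $PackagePath, $SitePath.
Configuration ContosoAdsWeb
{
    param(
        [string[]]$NodeName   = 'localhost',
        [string]$PackagePath  = 'C:\Packages\ContosoAds.zip',
        [string]$SitePath     = 'C:\inetpub\wwwroot\ContosoAds'
    )

    Import-DscResource -ModuleName PSDesiredStateConfiguration

    Node $NodeName
    {
        # Install the IIS feature.
        WindowsFeature IIS
        {
            Ensure = 'Present'
            Name   = 'Web-Server'
        }

        # Install the ASP.NET 4.5 feature once IIS is in place.
        WindowsFeature AspNet45
        {
            Ensure    = 'Present'
            Name      = 'Web-Asp-Net45'
            DependsOn = '[WindowsFeature]IIS'
        }

        # Unpack the application. Validate + Checksum make DSC compare file
        # hashes, so files changed on disk after deployment show up as drift.
        Archive ContosoAds
        {
            Ensure      = 'Present'
            Path        = $PackagePath
            Destination = $SitePath
            Validate    = $true
            Checksum    = 'SHA-256'
            DependsOn   = '[WindowsFeature]AspNet45'
        }
    }
}

# Compile to a MOF, apply it, then report any resource not in desired state.
# These three lines run on the node itself; the lab delivers the configuration
# through the DSC VM extension instead.
ContosoAdsWeb -OutputPath .\ContosoAdsWeb
Start-DscConfiguration -Path .\ContosoAdsWeb -Wait -Verbose
Test-DscConfiguration -Detailed
```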

Introduction to Azure
IAAS
Virtual Machines - Availability

Virtual Machine Availability

• Planned Downtime (Maintenance)


• Updates made by Microsoft to the Azure fabric, that result in downtime
• Leverage Action Groups to notify (SMS, email, webhook) the right people when
maintenance requires reboots of your virtual machines

• Unplanned Downtime
• When the Azure datacenter hardware or physical infrastructure fails
• Virtual machines are automatically migrated to a new physical host when failure
is detected. This is known as “service healing”.

Availability Overview
Options
Power / facility Region Pairs, Availability Zones, Availability Set

Industry-only
Industry-leading high availability SLA
Industry-leading broadest choice of data residency

Single VM: VM SLA 99.9%. Protection with Premium Storage
Availability sets: VM SLA 99.95%. Protection against failures within datacenters
Availability zones: VM SLA 99.99%. Protection from entire datacenter failures
Region pairs: 52 Regions. Protection from disaster with Data Residency compliance

Availability sets

Virtual Machine Availability Sets

• Up to 100 virtual machines
• Fault Domains – isolate virtual machines for faults
- Default setting = 2
• Update Domains – isolate virtual machines for upgrades
- Default setting = 5, can go up to 20

Managed Disks behavior with VM Availability Sets
Unmanaged VS Managed

Virtual Machine Availability Sets

In today’s Lab, from the Azure Portal you will deploy a single Contoso Ads Web Server in an Availability set of:

• 2 Fault Domains and
• 5 Update Domains

Allows deployment of future Web servers into the availability set

Fault Domains: FD #0, FD #1
Update Domains: UD #0, UD #1, UD #2, UD #3, UD #4
Contoso Ads Web


Azure Regions
54 Regions worldwide, available in 140 countries



https://azure.microsoft.com/en-us/regions/

Azure Regions
Azure Global Network
• MS Operates 120+ datacenters
• Top 3 networks in the world
• Second Largest Dark Fiber Network
• China Operated by 21Vianet
• Germany Operated by Deutsche Telekom
• 2x AWS, 4x Google DC Regions
https://azure.microsoft.com/en-us/global-infrastructure/global-network/
Azure Regions – Regional Paired Datacenters
• Regions contain massive Microsoft owned and purpose-built Data Center(s) (DC)
• DCs have multiple layers of hardware and software redundancy for HA
• Region to Region traffic travels over the Microsoft backbone
• Region pairs in a geo-political area for cross-region DR scenarios

Example: North Europe and West Europe

Availability Zones

France Central

Hands On Lab

Getting Started with Azure IaaS
