A Multi-Cloud Solution using Azure & AWS

Transcript

1. A Multi-Cloud Solution using Azure & AWS 1

2. 2 https://www.forbes.com/sites/bobevans1/2017/06/01/sorry-amazon-but-microsoft-is-the-worlds-1-cloud-vendor-heres-why-cloud-wars/amp/

3. The Cloud is changing the world 3

4. Why the cloud? • Rapidly setup environments to drive business

   priorities • Scale to meet peak demands • Increase daily activities, efficiency and reduced cost. 4

5. 5

6. Public Cloud In the public cloud, you get quick access

   to compute, storage, app hosting and more — as much as you need, when you need it. The hardware is located outside of your data center and is shared with other customers, which keeps prices low. 6

7. Private Cloud Get the agility, scalability and efficiency of the

   public cloud, with the greater levels of control and security of a single-tenant, dedicated environment. It can be hosted on-site at your own data center or at a service provider’s data center. 7

8. Hybrid Cloud Sometimes the best environment for a workload is

   one that combines both public cloud, private cloud and single-tenant dedicated environments. 8

9. What Does "Multi-Cloud" Mean? • “Multi-cloud” describes an environment that

   relies on multiple clouds — such as Microsoft® Azure® or AWS. • For instance, you may be running a workload that requires large pools of storage and networking resources on a private cloud. • At the same time, you may have a workload that needs to scale up or down quickly on a public cloud, such as Microsoft Azure or AWS. Each workload is running on the ideal cloud, but now you have multiple clouds to manage. 9

10. Facebook CEO Mark Zuckerberg takes the stage at the company’s

    F8 conference. Move Fast & Break Things 10

11. 11

12. Facebook CEO Mark Zuckerberg takes the stage at the company’s

    F8 conference (April 2014) Move Fast With Stable Infra(structure) 12

13. List of DevOps Practices • Infrastructure as Code (IaC) •

    Continuous Integration • Automated Testing • Continuous Deployment • Release Management • App Performance Monitoring • Load Testing & Auto-Scale • Availability Monitoring • Change/Configuration Management • Feature Flags • Automated Environment De-Provisioning • Self Service Environments • Automated Recovery (Rollback & Roll-Forward) • Hypothesis Driven Development • Testing in Production • Fault Injection • Usage Monitoring/User Telemetry http://www.itproguy.com/devops-practices/

14. What is Infrastructure as Code (IaC) ? Infrastructure as Code

    (IaC) is the process of managing and provisioning computing infrastructure (processes, bare-metal servers, virtual servers, etc.) and their configuration through machine-processable definition files, rather than physical hardware configuration or the use of interactive configuration tools. 14

15. What is a Hyperscale Cloud Infrastructure? 15

16. Hyperscale Regions 16

17. Microsoft's data center in San Antonio, Texas 17

18. What are we covering today? 18

19. 19

20. Google Cloud Platform 20

21. 21

22. Windows on Google Cloud Platform (GCP) You may not know

    this, but Google Cloud Platform supports Windows Server 2008, 2012 and 2016. It also supports SQL Server versions 2012, 2014 and 2016 Standard, Web and Enterprise editions (with High Availability). You can deploy your ASP.NET Windows apps to Compute Engine or your ASP.NET Core apps to App Engine or Container Engine (Google’s hosted Kubernetes environment). .NET and .NET Core libraries are there for all 200+ google.com and cloud services in NuGet; lead by Jon Skeet of Stackoverflow fame! You can use Visual Studio to manage your GCP resources and deploy your existing apps. You get Stackdriver logging, error reporting, and tracing support for .NET and .NET Core. PowerShell cmdlets for GCP, which run on Windows and Linux. Plus you get a great set of partners to bring your Windows/.NET workloads to GCP, including Capgemini, Neudesic and Magenic. Get your free trial today! 22

23. AWS Cloud Platform 23

24. 24

25. 25

26. Microsoft Azure Cloud Platform 26

27. 38 Regions Worldwide, 30 Online…huge capacity around the world…growing every

    year ➢ 100+ datacenters ➢ Top 3 networks in the world ➢ Second Largest Dark Fiber Network Operational Announced/Not Operational Azure Regions ➢ China Operated by 21Vianet ➢ Germany Operated by Deutsche Telekom ➢ 2.5x AWS, 7x Google DC Regions https://azure.microsoft.com/en-us/regions/ 27

28. AWS Regions and Availability Zones https://aws.amazon.com/about-aws/global-infrastructure 18 Regions Worldwide, 16

    Online…Comprised of 47 Availability Zones, 42 Online 28

29. Azure & AWS Regions Azure (38 regions, 30 online) •

    Region pairs in a geo-political area for cross- region DR scenarios • A region is a massive Microsoft owned and purpose built Data Center (DC) • DC’s have multiple layers of hardware and software redundancy for HA • Region to Region traffic over Microsoft backbone AWS (18 regions, 16 online) • No geo-political region pairs, regions are not disaster proof • A region is a collection of smaller owned and Colo DC’s called Availability Zones (AZ’s) – 47 in total • AZ’s are well connected across flood plains and within a short car journey for HA • Region to Region traffic over public internet https://www.microsoft.com/en-us/cloud-platform/global-datacenters 29

30. Terminology Mapping Description Microsoft Azure Amazon Web Services Billing container

    Subscription Account Security Principal Subscription/Account Admin Root Account Access Control Role Based Access Control (RBAC) Identity and Access Management (IAM) Directory Service Azure Active Directory (AD) AWS Directory Service Geo locations Region Region User Interfaces Management Portal Management Console Management & Monitoring Azure Diagnostics + App Insights Cloud Watch Infrastructure as Code Azure Resource Manager Cloud Formation Grouping Mechanism Resource Groups Resource Groups Metadata Tags Tags Automation Azure SDK, PowerShell + CLI AWS SDK, PowerShell + CLI 30

31. Available Services in Azure GovCloud Datacenter infrastructure US Gov. VA

    US Gov. IA Compute Storage Networking Virtual Machines Infrastructure services Azure files Premium VM Storage Express Route Load Balancer Virtual Network Traffic Manager Backup Hybrid operations Active Directory Multi-Factor Authentication StorSimple Automation Portal Security & management Key Vault Compute Cloud services Batch Media Media Services SQL Database Redis Cache Tables Data Integration Service Bus Storage Queues Platform services Azure SDK Developer Services Notification hubs Web & mobile US DoD Central US DoD East US Gov. AZ US Gov. TX Operational Announced/Not Operational Mobile Apps Azure App Service Azure Site Recovery Service Fabric VM ScaleSets HD Insight Azure Monitoring Log Analytics BLOB Storage https://azure.microsoft.com/en-us/overview/clouds/government/ 31

32. AWS GovCloud Available Services Datacenter infrastructure Cloud Trail Hybrid operations

    Security & management Compute Media Data Integration Platform services Developer Services Web & mobile SNS SQS SWF EMR Dynamo DB ElastiCache RDS RedShift IAM Cloud HSM AWS KMS Cloud Watch Cloud Formation Management Console SDK http://docs.aws.amazon.com/govcloud-us/latest/UserGuide/supported-services.html Compute Storage Networking Infrastructure services Direct Connect VPC EC2 Auto Scale S3 Glacier ELB Import/Export Snowball Ebs 32

33. Comparing Purchasing and Billing Azure AWS • Global availability and

    Billing support in 24 Currencies • Billing for Azure Services is Per Minute • All Data going into an Azure Datacenter is free, while Egress Data has a fee • Subscription Types: Pay-As-You-Go, Compute Pre-Purchase with EA, Cloud Solution Providers. • Azure Hybrid Use Benefits allows for running Windows VMs on Azure for Base Computing Price if Customer has Software Assurance • Global availability, with some billing support in other currencies, but can only be paid via credit card • All Data going into an Azure Datacenter is free, while Egress Data has a fee • Four Ways to pay for EC2: On- Demand, Reserved Instances, Spot Instances or Dedicated Hosts. • On-Demand is billed Hourly, Reserved Instances discounted based on term, Dedicated Host provide software savings (On-Demand or Reserved Instances) 33

34. Pricing Calculators https://azure.microsoft.com/en-us/pricing/calculator http://calculator.s3.amazonaws.com/index.html 34

35. Comparing Identity Azure Active Directory Multi-tenant PaaS solution for Identity

    Integrated with Microsoft Accounts (@hotmail.com, @outlook.com, etc.) Multi-factor Authentication Available Rich support for SaaS application integration Free tier supports up to 500K Objects (paid tiers unlimited) Azure AWS Identity Access Management Manage Users, Groups, Roles, Polices Multi-factor Authentication Available Roles are assigned to Resources AWS Directory Service (for AD Integration) Supports 50K Users | 200K Objects 35

36. Azure & AWS Management https://portal.azure.com https://aws.amazon.com/console/

37. None

38. Networking at a glance VPC Amazon Route 53 AWS Direct

    Connect Azure DNS Azure Traffic Manager Azure Express Route Azure Virtual Network Azure Load Balancer Application Gateway Elastic Load Balancing https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map CloudFront Azure Content Delivery Network 99.95% SLA for ExpressRoute Network Security Groups • Control network flow at VM and Subnet level Internet accessibility available by default • No need to create/update IG & Routing Tables 38

39. VPC & Virtual Network Comparison Private subnets, routing tables, SNAT

    is automatic vs Internet Gateway, but you can provide your own via routing Key Capabilities • Custom Routing • Network Security Groups (Subnet or VM) • Hybrid Connectivity with IPSEC VPN, PPTP (point-to-site), Peering, and ExpressRoute. • Bring your own DNS at virtual network or VM Azure – Virtual Network More traditional approach with Public and Private Subnets along with an Internet Gateway, NAT Instance and Routing Tables Key Capabilities • Custom Routing • Security Groups (Subnet) • ACLs (VM) • Hybrid Connectivity with VPN/VPN Peering, and Direct Connect • Bring your own DNS, NetBIOS, NTP with DHCP Option Sets AWS – Virtual Private Cloud 39

40. Comparing VPN Connectivity Options On-Premises-to-VNET • VPN Gateway that connects

    to on- premises device or appliance for private IP connectivity • ExpressRoute for Permanent & Private VNET to VNET (VPN Gateway) • Connectivity to other VNETs in the same or other regions using IPSEC VPN Gateways • Uses Microsoft backbone for connectivity so disabling encryption is supported VNET to VNET Peering • Connectivity to other VNETs in the same regions Point-to-Site • Connectivity from a single machine to a VNET using PPTP Azure On-Premises-to-VPC • VPN Gateway that connects to on- premises device or appliance for private IP connectivity • DirectConnect for Permanent & Private VPC to VPC (VPN Gateway) • Connectivity to other VPCs in the same region or other regions using IPSEC VPN gateways. • Uses public Internet for connectivity VPC Peering • Connectivity to other VPCs in the same region VPC Endpoints • Connectivity to S3 via a private non- Internet connection AWS 40

41. Compute

42. Compute at a Glance Azure Virtual Machine EC2 Container Service

    EC2 Azure Container Service Elastic Beanstalk Lambda Azure Web Apps Azure Functions Web Jobs Logic Apps https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map AWS Server Migration Service **recently added & moved over to DMS Azure Site Recovery Azure Backup Lightsail **recently added Azure Marketplace You can specify username/password You can specify machine name VMs support VHD format VM Publicly accessible by default • No need to create/update IG & Routing Tables 42

43. Comparing Azure and EC2 Virtual Machines Availability Set Azure Storage:

    Premium (SSD) or Standard Disk Format: Fixed VHD – Max 1 TB per disk Span disks for larger volumes (up to 64 TB) Subnet Scale Set Subnet Network Security Group Virtual Network Azure Load Balancer (internal) Network Security Group Public IP Azure Load Balancer (external) Subnet Auto Scaling Group Subnet Security Group Virtual Private Cloud Elastic Load Balancer (internal) Security Group Elastic IP AV Zone AV Zone AV Zone AV Zone Elastic Load Balancer (external) EBS Volumes: Provisioned IOPs, General Purpose SSD, or magnetic. AMI Format, up to 16 TB per Volume 43

44. Azure & AWS VM Sizes Azure VM Series Processor Purpose

    Disk Network AWS VM A Xeon T2 A & D Ivy Bridge M3 D Haswell M4 DS & H Ivy Bridge C3 F Haswell X1 D Haswell C4 D & G Ivy Bridge R3 NV Sandy Bridge G2 NC Broadwell P2 G Ivy Bridge I2 G Haswell D2 S G H B C C B B M E D E H S S E E D S H S S S S D E E M E S G S E C - Compute Optimized M - Memory Optimized B - Balanced Compute/Memory G - GPU Video S - Storage S - SSD H - HDD D - Default (speed varies) E - Enhanced Networking https://aws.amazon.com/ec2/instance-types https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-windows-sizes 44
45. None

46. Storage at a glance EFS Glacier S3 Snowball Storage Gateway

    Azure Cool Storage Azure Backup Azure Import/Export Service Azure StorSimple https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map Azure File Storage Azure Blob Storage S3 Natively supports static website • Technically possible in Blob Storage • No way to define default document EFS uses NFS (Linux Only) Azure File Storage uses SMB 3.0 46

47. Blob Storage Concepts Bucket Object 47

48. None

49. Approaches to Backup Rich suite of backup services and devices

    and 3rd parties with different capabilities, while providing a more general approach to cloud storage • Azure Backup • Agent, Fabric, and Server for application support + DPM integration • StorSimple • Hybrid physical and virtual device that provides on-premises and cloud based storage • All Backed by Azure Blob Storage • 3rd party application eco-system supports blob storage as a target Azure Mature Storage services for different use cases with the backup services and devices from 3rd party providers • S3 • General storage • Glacier • cheap storage that is optimized for infrequently accessed data • Storage Gateway • Service that provides on-premises and cloud based storage • 3rd party application eco-system supports storage services AWS 49

50. https://azure.microsoft.com/en-ca/overview/azure-vs-aws/ 50

51. https://docs.microsoft.com/en-us/azure/architecture/aws-professional/services 51

52. https://openedx.microsoft.com/courses/course-v1:Microsoft+AZURE213x+2017_T2/about 52

53. https://www.microsoft.com/en-ca/learning/course.aspx?cid=40390# 53

54. Thank-you! 54