GABC2019: Azure Stack @Mobiliar by Stefan Roth

Die Mobiliar, IT Point and Huawei have performed a PoC of Azure Stack to see how it would fit into their cloud strategy. In this session Stefan Roth will talk about his experiences, from the beginning of implementing Azure Stack until the end of testing the defined use cases running on this new Microsoft platform. Get an idea of what Azure Stack is able to deliver and pick up some of the lessons learned during this proof of concept.

Azure Zurich User Group

April 27, 2019

Transcript

  1. Azure Stack @Mobiliar. Stefan Roth | Cloud Engineer, Microsoft Cloud & Datacenter MVP
  2. Partners 2

  3. 04.04.2019 Steering Board Hybrid Cloud 04/2019 3

  4. Key figures: Technology. We operate and develop state-of-the-art IT infrastructures that are forward-looking and cost-effective, in order to meet our constantly growing demands. 8300 CPU cores. Automatic database deployments (since 2017): ~1200 PDBs created, ~500 PDBs deleted. 12 petabytes storage capacity. Ø 2 TB storage growth per day. 7200 virtual servers. Databases. Data center: 2 sites. 189 physical servers. Virtualization rate 99%. 146 racks. 2018: 7’000’000 kWh / year power consumption. more…
  5. Key figures: Technology. 1’200’000 Streamworks jobs per month. +5700 middleware instances. 5918 Skype users. 9 environments. +1’600’000 phone calls per quarter. +2900 firewall rules, fully automated. ~400 in-house applications maintained by us. ~1’500’000 Skype chats per quarter. 2946 mobile devices. +1’200’000 e-mails received per month. +500’000 e-mails sent per month. 4000+ containers. 6346 clients.
  6. Azure Stack in a nutshell 6

  7. 04.04.2019 7

  8. None
  9. 04.04.2019 9

  10. 04.04.2019 10

  11. Dear Microsoft… but we are a Swiss insurance company ☺
  12. Characteristics Of Azure Stack
      • Microsoft Azure Stack is an «Integrated System» (hyperconverged infrastructure), like an appliance, configured and delivered to your data center. Consistent experience with Azure.
      • Microsoft Azure Stack delivers a subset of Azure public cloud services. More focus on edge and disconnected scenarios.
      • Microsoft is responsible for the software stack; certified HW vendors like Huawei are responsible for the hardware stack.
      • Customer buys the HW from the HW partners.
      • Two billing models: consumption (pay as you go) or capacity-based.
  13. None
  14. Deployment
      ✓ Cloud: one set of mgmt and portal endpoints
        ▪ https://portal.mycloud.contoso.com
        ▪ https://adminportal.mycloud.contoso.com
      ✓ 1 Region
      ✓ 1 Scale unit per region
      ✓ 4-16 scale-unit nodes
        ▪ Azure Stack services and user apps & data deployed across
      Diagram labels: Site, Container, 1 Scale-Unit, Node 1, Node 2, Node 3-16, TOR 1, TOR 2, HLH, BMC
  15. Azure Stack High Level Architecture Source: Microsoft

  16. PoC Mobiliar internals 16

  17. Hybrid Cloud Motivation & Requirements
      • Flexibility in terms of regulatory requirements
      • Freedom of action (threats)
      • Move workloads between clouds
      • Identical services and APIs between private and public cloud
      Column headings: Strategic Motivation, High-level Requirements
  18. PoC Goal
      1. Consuming (managed) PaaS services
         1. Managed Container Platform (AKS on Azure Stack?)
         2. Managed Ingestion Platform (Event Hub for Kafka on Azure Stack)
      2. Validation and maturity of the Azure Stack platform bringing true benefits
         1. Better lifecycle and efficiency of the IT infrastructure (e.g. using PaaS services / managed services)
         2. Identical services and APIs
         3. Azure Stack services ready for production
  19. Timeline
      • Oct. 2018: Kick-off; HW order; get internal / external parties together
      • Nov. 2018: Use cases; placement (DEV/INT/PROD); security (No-Proxy); deployment sheet; pre-requisites: certificates, Azure subscription, networking
      • Dec. 2018: Arrival of packages
      • Jan. 2019: HW setup & networking, cabling
      • 21 Jan. 2019: Firmware upgrade, checking (networking, BIOS, storage, BMC etc.)
      • 24 Jan. 2019: Checks (AAD account, deployment sheet, certificates), HLH installation
      • 25 Jan. 2019: Verify (internet access, MFA); kick-off installation (~8.5h)
      • 29 Jan. 2019: Marketplace syndication; portal tests; Test-AzureStack; eSight VM installation
      • 31 Jan. 2019: eSight final installation (switches, nodes); HLH hardening (app white listing, BitLocker, admin users, GPOs etc.)
      • Febr.-March 2019: PoC tests
      • April 2019: Steering board
  20. Dear Mobiliar… 20

  21. Rack & Stack

  22. Use Case: Managed Container Platform
      Diagram labels: VMware; Azure Stack (MS & HW Managed); Compute; Microservice (Container); Storage; Datacenter Network; Kubernetes Container Platform (IaaS); Microservice «Notiz Service»; Datacenter Network; Current; Use Case; MySQL (PaaS)
      Legend: Managed by Mobiliar; Managed by Microsoft; Managed by Mobiliar & Supplier
  23. Use Case: Managed Ingestion Platform
      Diagram labels: VMware; Azure Stack (MS & HW Managed); Compute; Consumer & Producer; Storage; Datacenter Network; Kubernetes Container Platform (IaaS); «TestApp» Consumer & Producer; Datacenter Network; Current; Use Case; Kafka; Event Hub for Kafka (PaaS)
      Legend: Managed by Mobiliar; Managed by Microsoft; Managed by Mobiliar & Supplier
  24. Other Areas Of Interest
      • Object Storage
      • Azure DevOps Integration (ARM, HELM)
      • App Service (Web App, Functions)
      • Look & Feel (Management, Marketplace, Subscription/Offers/Plan etc.)
  25. Demo 25

  26. Kubernetes Template Dissected
      • Route table for networking
      • Network Security Group for ssh and kubectl
      • Virtual network
      • Public IP Address for master nodes
      • Load balancer for master nodes
      • Internal load balancer for master nodes API
      • Network interfaces, one per each worker node
      • Storage accounts, one per the variable linuxpool2StorageAccountsCount
      • An availability set for the worker nodes
      • A VM for each worker node
      • An availability set for the master nodes
      • Storage account for the master nodes
      • Network interfaces, one for each master node
      • A VM for each master node
  27. Few Technical Lessons Learned
      • “Templated” Kubernetes on Azure Stack != Azure Kubernetes Service (AKS)
        − Scale & upgrade commands missing (so far)
        − No Rancher support
      • PaaS services
        − SQL / MySQL (WAP connector)
        − App Service (WAP architecture look-a-like)
      • Azure Site Recovery between Azure Stacks not supported
      • Placement either behind FW or transparent proxy
      • Networking (no VNet peering, standard load balancer = 5 PIP)
      • Backup API only limited, in-guest agent backup needed
      • API version behind Azure
      • Azure Stack has no managed services (1 FTE (?) Operator Role needed)
  28. Conclusion 04.04.2019 28

  29. Summary PoC Azure Stack
      Pro
      ✓ Azure Stack hardware and software implementation with partners succeeded (integrated system).
      ✓ Use case tests and implementation were a success.
      ✓ Integration of identity and cost management between Azure Stack and Azure.
      ✓ Mature IaaS platform.
      ✓ Look and feel like native Azure.
      Cons
      ! Number of cloud services limited (compared to Azure public cloud).
      ! Tested services are in (private) preview, not for production yet.
      ! Certain services lack maturity and lack true benefit for the business.
      ! No improvements in efficiency and engineering lifecycle.
      Microsoft Azure Stack delivers no true benefit for PaaS / IaaS services compared to Mobiliar's current infrastructure.
  30. Mapping Azure Stack Scenarios vs. Mobiliar
      • Currently no scenarios for Mobiliar
      • Microsoft Azure Datacenter Switzerland relativizes the need for a private cloud
      • Currently no benefits for Mobiliar (virtualization, containers)
      Column headings: Microsoft Scenarios, Mobiliar
      Source: Microsoft
  31. Implementation Lessons Learned
      1. What are the use cases? How would you build it in production?
      2. Find a reference customer, talk NOT only business cases.
      3. Plan early enough and thoroughly.
      4. After studying the guides and personal preparation, create a questionnaire.
      5. Create meetings with all parties (MS, HW vendor), try to fully understand Azure Stack.
      6. Organize 2-3 meetings to fix everything. Involve your internal folks.
      7. Spread the word internally and get familiar with terminology (Public VIP, Azure Stack != Azure, DNS).
      8. Be aware of the firewall.
      9. Azure Stack is an emotional thing.
  32. Roadmap – Azure Capabilities On Azure Stack
      Services currently in development
      • Kubernetes on Azure Stack
      • IoT Hub
      • Event Hub
      • SQL Server 2019
      • Consistent Blockchain template
  33. The not yet (almost) everything machine…

  34. Azure Stack Links (Title: Link)
      • Azure Stack overview and roadmap: Watch on-demand | View slide deck
      • Delivering intelligent edge with Microsoft Azure Stack and Data Box: Watch on-demand | View slide deck
      • The guide to becoming a Microsoft Azure Stack operator: Watch on-demand | View slide deck
      • Discovering the importance of security design principles and key use cases for Azure Stack: Watch on-demand | View slide deck
      • Best practices for planning Azure Stack deployment and post-deployment integrations with Azure: Watch on-demand | View slide deck
      • Understanding architectural patterns and practices for business continuity and disaster recovery on Microsoft Azure Stack: Watch on-demand | View slide deck
      • Getting started with Microsoft Azure Stack as a developer: Watch on-demand | View slide deck
      • Understanding hybrid application patterns for Microsoft Azure Stack: Watch on-demand | View slide deck
      • Implementing DevOps in Microsoft Azure Stack: Watch on-demand | View slide deck
      • Accelerate application development through OpenSource frameworks and marketplace items: Watch on-demand
      • Discovering the Importance of Security Design Principles and Key Use cases for Azure: Watch on-demand
      • Blog post about Azure Stack Sessions Ignite 2018: Link
      • Open EDX Azure Stack: https://openedx.microsoft.com/courses/course-v1:Microsoft+INF240x+2018_T3/about
  35. Thank you… 27.04.2019 35

  36. Thanks to our sponsors!