Professional Documents
Culture Documents
Sessions tools
Feedback
Content download
Shared Notes
OS.
Title
Live sessions
27 Jan
03 Fev
10 Fev
17 Fev
On-Demand sessions
Cloud OS - Construo de solues: Windows Server 2012 R2 Storage
Agenda
Agenda
Windows Azure IaaS
In this session we are
going to present how to
extend the corporate
infrastructure in a Hybrid
Cloud scenario by using
Windows Azure IaaS
capabilities.
Windows Azure
IaaS: Concepts
Virtual Machines
How to Create a
Windows Azure VM
Hybrid Deployment
DiskCloud
and Storage
OS
Monitoring VMs
Resources
Demos
Virtual Machines
Cloud Services
Virtual Networks
Virtual Machines
Virtual Machines are roles with exactly one instance
Virtual Machines
Virtual Machines: deliver on-demand, scalable compute
service
together
Update Domains
together
Host OS updates honour service update domains
Specified in service definition
Default of 5 (up to 20)
Storage Accounts
Gives your applications access to Windows Azure Blob, Table, and
Affinity Groups
Closely locate your compute,
network and storage resources in
the same datacenter
Get better performance
Get lower latency
Reduce egress costs
Microsoft Partner Network Internal Use Only
Virtual Networks
Enables you to create a logically isolated section in Windows
VM
VM
VM
VM
VM
VM
Update
Domain
Update
Domain
Update
Domain
Fault Domain
Fault Domain
Fault Domain
VIRTUAL NETWORK
AFFINITY GROUP
Microsoft Partner Network Internal Use Only
Network Endpoints
foo.cloudapp.net VIP (Virtual IP)
Input Endpoint
VIP: Input Endpoint
Internal Endpoint
Instance-to-instance communication
Supported Protocols: TCP, UDP
Port ranges supported
Communication boundary = Deployment boundary
Internal Endpoint
Microsoft Partner Network Internal Use Only
Virtual Machines
Platform Images
Windows Server 2012 Datacenter
Windows Server 2012 R2
Windows Server 2008 R2 SP1
OpenSUSE
CentOS by Open Logic
Canonical Ubuntu
SUSE Linux Enterprise
Microsoft Partner Network Internal Use Only
How to Create a
Windows Azure VM Deployment
Different elements
SCENARIOS
- Azure deployment
- Create an AFFINITY GROUP
- Create a CLOUD SERVICE
- Create a VIRTUAL NETWORK
- Create a STORAGE ACCOUNT
- Create VIRTUAL MACHINES
Microsoft Partner Network Internal Use Only
Affinity Group
Virtual Network
To create a Virtual Network, click in the lower lefthand corner of the screen, click New. In the
navigation pane, click Networks, and then click
Virtual Network. Click Custom Create to begin the
configuration
Name: name your virtual network.
Affinity Group: from the drop-down list, select Create a new affinity
group or select one created before.
Affinity groups are a way to physically group Windows Azure services
together at the same data center to increase performance. Only one
virtual network can be assigned an affinity group.
Region: from the drop-down list, select the desired region. Your virtual
network will be created at a datacenter located in the specified region.
Virtual Network
DNS Servers: (optional) enter the DNS server name
and IP address that you want to use. This setting does
not create a DNS server, it refers to an already
existing DNS server.
Virtual Network Address Spaces: enter the
following info and then click the checkmark on the
lower right to configure your network. Address space
must be a private address range, 10.0.0.0/8,
172.16.0.0/12, or 192.168.0.0/16:
Address Space: click CIDR in the upper right corner
to modify.
Add subnet: add subnets as needed.
Cloud Service
Use Cloud Services to deploy an application as a
cloud service in Windows Azure
URL: enter a subdomain name to use in the
public URL for accessing your cloud service in
production deployments.
Region or Affinity Group: select the geographic
region or affinity group to deploy the cloud
service to.
After creating the Cloud Service, you can upload
a Certificate
Cloud Service
Click Quick Start (the icon to the left of Dashboard) to open the Quick
Start page, shown below. (You can also deploy your cloud service by
using Upload on the dashboard.)
Click either New Production Deployment or New Staging Deployment.
Storage Account
Click Create New, click Storage, and then click
Quick Create
URL: enter a subdomain name to use in the storage
account URL. To access an object in storage,
you will append the object's location to the endpoint.
Region/Affinity Group: select a region or affinity
groupfor the storage. Select an affinity group instead
of a region if you want your storage services to be
in the same data center with other Windows Azure
services thatyou are using.
Geo-replication is enabled by default so that, in the event of a major disaster in the primary location, storage fails over to a
secondary location. A secondary location in the same region is assigned and cannot be changed. After a geo-failover, the
secondary location becomes the primary location for the storage account, and stored data is replicated to a new secondary
location.
Virtual Machine
Click Create New, click Compute, click Virtual Machine
and then From Gallery.
Image: is a template that you use to create a new virtual
machine. An image doesnt have specific settings like a
running virtual machine, such as the computer name and user
account settings. If you use an image to create a virtual
machine, an operating system disk is automatically created
for the new virtual machine.
Disk: is a VHD that you can boot and mount as a running
version of an operating system. After an image is provisioned,
it becomes a disk. A disk is always created when you use an
image to create a virtual machine. Any VHD that is attached
to virtualized hardware and that is running as part of a
service is a disk.
Virtual Machine
Select one image from Platform Images.
Version Release Date: If multiple versions of the image are available,
pick the version you want to use.
Virtual Machine Name: type the name that you want to use for
the virtual machine.
Size: select the size of the virtual machine. The size you should select
depends on the number of cores required to run your application.
New User Name: type a name for the administrative account that you want to use to manage the server.
New Password: type a strong password for the administrative account on the virtual machine. In Confirm Password, retype the
password.
Microsoft Partner Network Internal Use Only
Virtual Machine
Cloud Service: you can place virtual machines together under a cloud service to
provide robust applications,
Cloud Service DNS Name: type a name that uses between 3 and 24 lowercase
letters and numbers. This name becomes part of the URI that is used to contact
the virtual machine through the cloud service. If you selected an existing Cloud
Service, skip this.
Region/Affinity Group/Virtual Network: select where you want to locate the
virtual machine.
Virtual Network Subnets: this option is available if you configure your Virtual
Network before.
Storage Account: you can select a storage account where the VHD file is stored.
Availability Set: create an availability set if needed.
Virtual Machine
Hybrid Deployments
Point-to-Site VPN
ADDRESS SPACE: The address space that you want
to assign to cross-premises clients connecting
through a point-to-site connection. Click to configure
and adjust the address space accordingly. Click add
address space to add additional address space.
Address space rules:
Address space must be private
Address space must be a private address range,
specified
in CIDR notation 10.0.0.0/8, 172.16.0.0/12, or
192.168.0.0/16
Cannot overlap other virtual network or local
network sites
Required if you have selected to configure pointto-site connectivity
Microsoft Partner Network Internal Use Only
Point-to-Site VPN
Virtual Network Address Spaces: you will create the private
address space for your new virtual network:
ADDRESS SPACE: The address space for your virtual network.
Point-to-Site VPN
After clicking the checkmark, your virtual network will begin
to create.
When your virtual network has been created, you will see
Created listed under Status on the networks page in the
Management Portal.
Click Create Gateway, located at the bottom of the
Dashboard page.
A message will appear asking Do you want to create a
gateway for virtual network yournetwork. Click Yes to begin
creating the gateway.
Point-to-Site VPN
Certificates are used to authenticate VPN clients for point-to-site VPNs. You must generate a self-signed root
certificate along with client certificates chained to the self-signed root certificate.
You can then install the client certificates on every client computer that requires connectivity.
Upload the root certificate to Management Portal. Verify that the certificate is in .cer format and that you are
uploading the root certificate and not a chained client certificate. You can upload up to 20 certificates in order to
support multiple certificate chains.
In the Management Portal, on the Certificates page for your virtual network, click Upload a root certificate.
On the Upload Certificate page, browse for the .cer VPN root certificate, and then click the checkmark.
Point-to-Site VPN
Install the client certificate
A client certificate must be installed on every computer that you want to connect to the virtual network. On the
client computer, double-click the .pfx file in order to install it. Enter the password when requested. Do not modify
the installation location.
Once the client certificate has been installed, you can start the VPN client configuration.
Point-to-Site VPN
Now you can download the VPN client to connect your computers to the Virtual Network
Point-to-Site VPN
Start VPN connection from computer
Site-to-Site VPN
On DNS Servers and VPN Connectivity, select
Configure site-to-site VPN.
DNS SERVERS: Enter the DNS server name and IP
address that you want to use for name resolution.
Typically this would be a DNS server that you use for
on-premises name resolution.
This setting does not create a DNS server.
Site-to-Site VPN
On Site-To-Site Connectivity page, specify the VPN Device IP
address that you use for this virtual network and configure
the address space used for your site-to-site connection.
NAME: The name that you want to use to refer to your local
network site.
VPN DEVICE IP ADDRESS: This is the public-facing IPv4
address for your VPN device. Note that the VPN device
cannot be located behind a NAT.
ADDRESS SPACE: The address space that you want to
assign to cross-premises clients connecting through a siteto-site connection.
Click to configure and adjust the address space accordingly.
Click add address space to add additional address space.
Address space rules:
Cannot overlap other virtual network or local network
sites
Required if you have selected to configure site-to-site
connectivity
Microsoft Partner Network Internal Use Only
Site-to-Site VPN
ADDRESS SPACE: The address space for your virtual
network. Address space rules:
Address space must be a private address range (10.0.0.0/8,
172.16.0.0/12 or 192.168.0.0/16)
Cannot overlap other virtual network or local network
sites
add subnet: The names and IPs for subnets to be created in
your virtual network. Subnet rules:
Subnet IPs must be within the virtual network address
space.
You can add multiple subnets to a virtual network.
Subnet IP addresses cannot overlap within the virtual
network.
The smallest supported subnet is /29.
Adding a subnet is optional.
add gateway subnet: Specify the IP addresses to be used for
your virtual
network gateway subnet. You can add one gateway subnet
for your virtual network. Required.
Microsoft Partner Network Internal Use Only
Site-to-Site VPN
After clicking the checkmark, your virtual network will begin to
create.
When your virtual network has been created, you will see
Created listed under Status on the networks page in the
Management Portal.
Click Create Gateway, located at the bottom of the Dashboard
page.
There are two options: Static Routing or Dynamic Routing.
Select Dynamic Routing if you want to use this virtual network
for point-to-site connections in addition to site-to-site.
Note that the Gateway creation it may take up to 15 minutes.
Site-to-Site VPN
After the gateway has been created, youll need to gather
the following information that will be used to configure the
VPN device:
Gateway IP address: is located on the virtual network
DASHBOARD page
Shared key: is located on the virtual network DASHBOARD
page.
Click Manage Key at the bottom of the screen, and then copy
the
key displayed in the dialog box.
VPN device configuration script template: on DASHBOARD
left pane.
Select the vendor, platform, and operating system for your
companys
VPN device.
Site-to-Site VPN
Configure the VPN device: the device that you have selected to use is compatible with virtual network. Check MSDN
article for device compatibility.
To configure the VPN device:
Modify the VPN configuration script. You will configure the following:
Security policies
Incoming tunnel
Outgoing tunnel
Run the modified VPN configuration script to configure your VPN device.
Test your connection
VM disk layout
VM disk layout
VM disk layout
OS Disk
Data Disk
None
Max Capacity
127 GB
1 TB
Imaging Capable
Yes
No
Hot Update
Cache Setting
Requires Reboot
C:\ = OS Disk
All disks are created from a VHD file in Windows Azure storage. You can provide a
name for the VHD file that is added to storage, but Windows Azure generates the
name of the disk automatically.
Microsoft Partner Network Internal Use Only
You can upload and attach a data disk that already contains data to the
virtual machine. The virtual machine is not stopped to add the disk.
You are limited in the number of disks that you can attach to a virtual
machine based on the size of the machine.
Microsoft Partner Network Internal Use Only
Monitoring VMs
Mobile Services
- Mobile service alert rules on monitoring metrics from mobile endpoint status.
Microsoft Partner Network Internal Use Only
Integration
Azure
App
Controller
Portal
Service
Manager
Service
Manager
Portal
CMDB
SM Data
Warehouse
Integration
Pack
CI Connector
Active
Directory
OM Data
Warehouse
Orchestrator
Virtual
Machine
Manager
VMM/OM Integration
Hyper-V
Microsoft Partner Network Internal Use Only
Operations
Manager
Reporting
Data
Customers
IT Admin
Windows Azure
Customers
IT Admin
In your datacenter
Customers
IT Admin
In your datacenter
Customers
IT Admin
Windows
Azure
Pack
Tenant experience
Homepage
Customer
ONE
Microsoft
Consistent
Platform
Service
Provider
Tenant experience
Dashboard
Customer
ONE
Microsoft
Consistent
Platform
Service
Provider
Resources
http://www.windowsazure.com/en-us/pricing/free-trial
http://www.microsoft.com/windowsazure/sla
http://www.microsoftvirtualacademy.com/training-courses/introduction-to-windows-azure
http://www.microsoft.com/en-us/download/details.aspx?id=8396
http://channel9.msdn.com/Events/TechEd/NorthAmerica/2013/MDC-B360#fbid=kPnKhtBFYsz
http://channel9.msdn.com/Events/TechEd/NorthAmerica/2013/WAD-B309
http://www.windowsazure.com/en-us/documentation/services/virtual-machines/?fb=it-it
http://aka.ms/mpnsupport
latampts@microsoft.com
http://aka.ms/supportcommunities
Thank you!
latampts@microsoft.com
2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for
informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentations. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on
the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN
THIS PRESENTATION.