Overview of Windows Azure Virtual Machines - the IaaS offering in the Windows Azure platform. The presentation covers the compute, storage and network features of Virtual Machines. It also describes how best to deploy Windows Azure cloud services and VMs.
2. Who Am I
• Neil Mackenzie
• Windows Azure Lead – Satory Global
• neil.mackenzie@satory.com
• @mknz
• http://convective.wordpress.com
• Author: Microsoft Windows Azure Development Cookbook
• Microsoft MVP for Windows Azure
5. Windows Azure
• Microsoft’s public cloud platform
• Global availability
• Scale-out performance model
• Per-minute billing
• Pay-as-you-go, commitment discounts, Enterprise Agreement
• Paid support
6. Global Availability (Datacenters)
• North America
• US East, US West, US North Central, US South Central
• Europe
• West Europe (Amsterdam), North Europe (Dublin)
• Asia
• East Asia (Hong Kong), South East Asia (Singapore)
• Announced: Japan East (Tokyo), Japan West (Kansai)
• China (Behind Great Firewall)
• Beta: Shanghai
• Australia
• Announced: New South Wales, Victoria
9. Cloud Service
• Container for a scalable collection of related VMs
• VMs can be heterogeneous (different sizes and OS)
• Cloud service has a single public IP address (VIP)
• VIP is stable as long as there is a VM deployed into the service
• VIP exists even if there is no public endpoint declared
• Multiple cloud services can be aggregated using a VNET
• Each cloud service has its own VIP
• VMs can access each other through the VNET
10. Windows Azure Virtual Machines
• VM
• Various instance sizes
• Compute, RAM, # attached disks
• Disks are fixed-format VHDs
• Autonomic self-healing
• VM moved automatically if fabric controller detects failure of physical server
• Virtualization
• Hyper-V
• Microsoft manages Host OS
• Customer manages Guest OS
• Virtual layer metrics (CPU, I/O, etc.) exposed to Windows Azure Management Portal
11. VM Images
• Gallery Images:
• Windows Server 2008 R2, 2012
• Linux ( CentOS, Ubuntu, Suse, OpenSuse)
• SQL Server, BizTalk Server, SharePoint, …
• Oracle (WebLogic, Java, …)
• VM Depot
• Pre-configured OSS servers
• Custom Images
• Upload images created on-premises
• Fixed-format VHD
12. Instance Sizes
VM Size             Cores    Memory (GB)   Max Disks   Max IOPS
Extra Small         Shared   0.768         1           1*500
Small               1        1.75          2           2*500
Medium              2        3.5           4           4*500
Large               4        7             8           8*500
Extra Large         8        14            16          16*500
High Memory (A5)    2        14            4           4*500
High Memory (A6)    4        28            8           8*500
High Memory (A7)    8        56            16          16*500
13. Disks
• Each VM comes with two disks:
• OS disk: durable - persisted as page blob in Windows Azure Blob Storage (c:)
• Temp Disk: ephemeral – hosted on the VM (d:)
• Additional data disks may be attached
• Two 1TB disks per core
• 500 IOPS per disk
• Durable – persisted as page blob in Windows Azure Blob Storage
• For HA, each disk has 3 local replicas and (optionally) 3 remote replicas
• Caching
• Read/write – default for OS disk
• None – default for attached data disks
15. High Availability
• Availability Set
• Fault domain
• Upgrade domain
• Each VM has an associated fault domain and upgrade domain
• 99.95% SLA when two or more VMs deployed in an availability set
• Fault Domain
• Avoids single point of failure (“different racks”)
• Upgrade domain
• Host OS upgrades happen one upgrade domain at a time
16. Deployment Options
• Windows Azure Management Portal
• Scripting
• PowerShell
• Cross-platform CLI
• Windows Azure Service Management REST API
• System Center
• RightScale
• Chef
18. Connectivity Options
• Virtual Network (VNET)
• Private network
• Hosts one or more cloud services
• Provides network integration for PaaS and IaaS cloud services
• VPN
• Windows Azure Gateway hosted in a VNET
• Site-to-Site (IT Admin)
• Point-to-Site (developer)
19. Network Topology
• VNET
• Subnets
• VPN Gateway
• Point-to-site VPN
• Site-to-Site VPN
• DNS must be provided for name resolution in a VNET
• Cloud service
• Single public VIP
• Static as long as at least one VM is deployed in the cloud service
• VM
• Single NIC
• DIP allocated on a permanent lease - as long as VM deployed
20. Security
• Windows Azure load balancer
• Ingress – allows only traffic on endpoints specified for VMs
• Egress – allows all traffic
• Protocols
• TCP, UDP only
• ICMP is NOT supported for ingress (i.e., ping does not work)
• Firewall
• Full control of firewall on each VM
• VNET is a security boundary
• Cloud service is a security boundary when not in a VNET
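The ingress rules on this slide, modelled as an added example (not code from the presentation): traffic from outside the security boundary reaches a VM only through a declared TCP or UDP endpoint on the VIP, while VMs inside the same boundary reach each other directly. The classes, function names and sample topology are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Hypothetical model of the slide's rules; it calls no Windows Azure API.
MGMT_PORTS = {3389: "RDP", 22: "SSH"}  # assumed set of ports worth flagging

@dataclass(frozen=True)
class Endpoint:
    name: str
    protocol: str      # "tcp" or "udp"
    public_port: int   # port on the cloud service VIP
    local_port: int    # port on the VM

@dataclass(frozen=True)
class VM:
    name: str
    cloud_service: str
    vnet: Optional[str] = None   # None: cloud service is not in a VNET
    endpoints: tuple = ()

def same_boundary(src, dst):
    """VNET is the boundary; without a VNET the cloud service is."""
    if src is None:              # None stands for a host on the internet
        return False
    if dst.vnet is not None:
        return src.vnet == dst.vnet
    return src.cloud_service == dst.cloud_service

def ingress(src, dst, protocol, port):
    """Return the port the traffic reaches on dst, or None if it is dropped."""
    if same_boundary(src, dst):
        return port              # direct VM-to-VM; only the guest firewall applies
    protocol = protocol.lower()
    if protocol not in ("tcp", "udp"):   # e.g. ICMP is not forwarded
        return None
    for ep in dst.endpoints:
        if ep.protocol == protocol and ep.public_port == port:
            return ep.local_port
    return None

def exposed_management(vm):
    """Declared endpoints that publish RDP or SSH on the VIP."""
    return [(ep.name, MGMT_PORTS[ep.local_port])
            for ep in vm.endpoints if ep.local_port in MGMT_PORTS]

# Constructed sample topology
web = VM("web1", "svc-a", "vnet1", (Endpoint("http", "tcp", 80, 8080),
                                    Endpoint("rdp", "tcp", 50001, 3389)))
db = VM("db1", "svc-b", "vnet1")
lone = VM("x1", "svc-c")
```

Running `exposed_management` over every VM's declared endpoints gives a quick inventory of management ports published on a VIP, which are the ones to review first when tightening the guest firewall.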
22. Cost
• Compute
• Windows: 9 cents / hour / core
• Linux: 6 cents / hour / core
• Per-minute billing
• No charge for de-allocated VMs
• Storage
• 7 cents / GB / month (locally redundant)
• 10 cents / million storage operations
• Note that VHDs are stored in page blobs which are sparse (billing only for used space)
• Egress
• 60 cents / 10GB
23. Affinity Group
• Co-location feature inside a datacenter
• Compute
• Storage
• VNET
• Mandatory for VNET
• Provides improved performance for integrated compute and storage
24. Workflow for Creating a Cloud Service
• Create an affinity group in a specific datacenter
• Provides a logical name for a part of the datacenter
• Provides lower latency between compute and storage
• Create a storage account in the affinity group
• Create a VNET in the affinity group
• Create a cloud service in the VNET
25. Workflow for Creating a VM
• Create a VM in the cloud service
• Select instance size
• Select OS image or existing VHD
• Add endpoints (if desired)
• Load balanced / port forwarded
• Create/add VM to availability set (if desired for HA)
• Add one or more data disks (if desired)
26. Workflow for Creating VM Image
• Create VM in a cloud service
• Install and configure required software
• Windows VM - RDP in and invoke %windir%\system32\sysprep\sysprep.exe
• Linux VM - SSH in and invoke: sudo waagent -deprovision
• On the portal, Capture the image
• Automatically deletes the VM