Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Don't be afraid of moving infrastructure into Azure!


Published on

This fast-paced session will cover the basics of Azure Infrastructure-as-a-Service (IaaS), as well as the building blocks required for running your infrastructure in the cloud. We will discuss the two Azure API’s (RM & SM), how they’re similar, and how they differ. The demonstration will include a real-life scenario of automating the provisioning of a complete virtual solution in Azure. By the end of this session, you will have a solid understanding of the process of moving infrastructure into Azure IaaS!

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Don't be afraid of moving infrastructure into Azure!

  2. 2. RYAN DENNIS Solution Architect at Blue Chip Consulting Group /in/SharePointRyan FatherHusband Author GuitaristDrummer Cyclist Ryan at a glance Play and explore
  3. 3. 10/6/2016 Archie Dog 8-year old Pembroke Welsh Corgi
  4. 4. 10/6/2016 AGENDA Why move infrastructure to Azure? Overview of Azure Deployment Models (Resource Manager vs. Classic) Azure RM Component Overview Resource Group Considerations Extending your on-premises network into Azure Automating deployments using PowerShell Bringing it all together Demo Q&A 4
  5. 5. 10/6/2016 WHY MOVE INFRASTRUCTURE TO AZURE?  To avoid purchasing infrastructure (servers, load balancers, storage, networking, etc.) for on-premises  To allow for easy scaling when load dictates it  To build hybrid workloads (e.g. SP Search in Azure for hybrid SP Online environment)  To perform rapid development / prototyping / testing 5
  6. 6. 10/6/2016 AZURE DEPLOYMENT MODEL OVERVIEW 6 2/17/2016 ClassicDeploymentModel • No way to group resources together • Uses Classic Portal • Could script deployments, but more cumbersome • All deployments, management, and monitoring done manually / one-by-one • No ability to define dependencies for deployments ResourceManagerModel • Introduced the Resource Group • Uses the new Azure Portal • Deploy, manage, and monitor all services as a group • Much better management and controls • Dependencies can be defined to ensure proper deployment order
  7. 7. 10/6/2016 2/17/2016 7 CLASSIC PORTAL
  8. 8. 10/6/2016 2/17/2016 8 MODERN PORTAL
  9. 9. 10/6/2016 CLASSIC DEPLOYMENT MODEL 9 Azure Subscription On-Premises Network VPN Gateway Site to Site VPN Cloud Service sp-cloud-svc Cloud Service sql-cloud-svc Cloud Service dc-cloud-svc Azure Virtual Network Availability Set Domain Controllers DC2 DC1 Availability Set SharePoint Servers SP1 SP2 Availability Set SQL Servers SQL1 SQL2 Datacenter
  10. 10. 10/6/2016 CLASSIC MODEL – ZOOMED IN 10 Virtual Network Subnet 1 Subnet 2 Disk (blob) Cloud Service Storage Account VM w/ IP Address Load balancer w/ IP Address
  11. 11. 10/6/2016 RESOURCE MANAGER DEPLOYMENT MODEL Virtual Network Subnet 1 Subnet 2 Network card x.x.x.x Load Balancer IP Address Disk (blob) Storage Account Resource Group Network Security Groups x.x.x.x VM IP Address Availability Set Storage Resource Provider (SRP) Compute Resource Provider (CRP) Network Resource Provider (NRP)
  12. 12. 10/6/2016 7 RESOURCE GROUP CONSIDERATIONS 1. All the resources in your group should share the same lifecycle. You deploy, update, and delete them together. If one resource, such as a database server, needs to exist on a different deployment cycle it should be in another resource group. 2. Each resource can only exist in one resource group. 3. You can add or remove a resource to a resource group at any time. 4. You can move a resource from one resource group to another group. 5. A resource group can contain resources that reside in different regions. 6. A resource group can be used to scope access control for administrative actions. 7. A resource can interact with resources in other resource groups. This interaction is common when the two resources are related but do not share the same lifecycle (for example, web apps connecting to a database). 12 Reference:
  13. 13. 10/6/2016 EXTENDING YOUR ON-PREMISES NETWORK Point-to-site VPN • Create secure (SSTP) connections from your Windows box to your virtual network • Quick and easy for prototyping, development, testing, and simulation purposes • You can use the same setup and configuration to work with some site-to-site connectivity options Site-to-site VPN • Create secure (IPSec) connections from your on-premises site to your virtual network • Enables truly hybrid applications in Azure • Use this service in cases where your cross-premises connectivity throughput is nominal (~ 100 Mbps) ExpressRoute • Create private connections between Azure datacenters and your on- premises or co-location environment • Does not use the public internet, more reliable, faster speeds • Dedicated MPLS connection from a network service provider 13
  14. 14. 10/6/2016 AUTOMATING DEPLOYMENTS WITH POWERSHELL 1. Install the AzureRM module (Install-Module AzureRM) 2. Import the AzureRM module (Import-Module AzureRM) 3. Login to your Azure environment (Login-AzureRMAccount) 4. Discover the Azure modules (Get-Module AzureRM*) 5. Discover the Azure cmdlets (Get-Command –Module AzureRM.Compute) 14
  15. 15. 10/6/2016 USING DEPLOYMENT TEMPLATES  Use JSON deployment templates to repeatedly deploy your application / infrastructure  Azure Resource Manager analyzes dependencies to ensure resources are created in the correct order  Start out with a basic template, and add resources to the template later – only the updates will be applied  Want to delete something from your resource group? You can do that too! 15
  16. 16. 10/6/2016 16 ResourceGroup Virtual Network Subnet 1 Subnet 2 Storage Account Disk / Blob Disk / Blob Disk / Blob VM Availability Set Network card Network card Network card Network Load Balancer Active Directory Domain Controllers SharePoint Servers SQL Servers
  17. 17. 10/6/2016 DEMO DETAILS  A Virtual Network  Three Storage Accounts: one is used for AD VMs, one for SQL Server VMs and one for SP VMs  Three external and one internal load balancers  A NAT Rule to allow RDP to one VM which can be used as a jump box, a load balancer rule for ILB for a SQL Listener, a load balancer rule for HTTP traffic on port 80 for SharePoint and a NAT rule for SharePoint Central Admin access  Three public IP addresses, one for RDP access, one for the SharePoint site and one for SharePoint Central Admin.  Two VMs as Domain Controllers for a new Forest and Domain  Two VMs in a Windows Server Cluster running SQL Server 2014 with an availability group, an additional VM acts as a File Share Witness for the Cluster  Two SharePoint App Servers  Two SharePoint Web Servers  Four Availability Sets one for the AD VMs, one for the SQL and Witness VMs, one for the SharePoint App Servers and one for the SharePoint Web Servers the SQLWitness Availability Set is configured with three Update Domains and three Fault Domains to ensure that quorum can always be attained. 17
  19. 19. 10/6/2016 DEMO RECAP  Utilized the Azure Marketplace template to build a highly-available SharePoint Server Farm in Azure IaaS  Implemented:  Two domain controllers  SQL Server AlwaysOn Availability Group with 2 SQL Servers and a Cluster Witness server  4 SharePoint VMs  Networking, Storage, etc. 19
  20. 20. 10/6/2016 KEY TAKEAWAYS  Use Azure Marketplace to quickly find and provision VM workloads  Modify the JSON templates to your liking  Use GitHub to find community samples for deployment templates  Build your own deployment templates  Quickly spin up / spin down VMs in the cloud  Avoid running them when not in use, that gets pricy!  Azure is Easy! 20
  21. 21. 10/6/2016 QUESTIONS? Q&A 21
  22. 22. RYAN DENNIS Solution Architect at Blue Chip Consulting Group /in/SharePointRyan FatherHusband Author GuitaristDrummer Cyclist Ryan at a glance Play and explore