AZURE VS. AWS BEST PRACTICES: WHAT YOU NEED TO KNOW
Panelists
• Utpal Thakrar, Senior Product Manager, RightScale
• Brian Adler, Principal Cloud Architect, RightScale
Webinar recording and slides will be emailed to all registrants
POLLING QUESTIONS
Agenda
• AWS and Azure Adoption Trends
• Comparing IaaS Resources & Key IaaS+ Services
• High-Availability
• Network Topology
• 3-Tier Application Best Practices
• On-Premises Integration
• Multi-Cloud Management
82% of Enterprises Want Multi-Cloud
Enterprise Cloud Strategy (1000+ employees)
• Multi-Cloud: 82%
  • Hybrid cloud: 55%
  • Multiple private: 14%
  • Multiple public: 13%
• Single public: 10%
• Single private: 5%
• No plans: 3%
Source: RightScale 2015 State of the Cloud Report
The Multi-Cloud Drivers
1. Operate anywhere
2. Leverage existing investments
3. Optimize costs
4. Access unique capabilities
5. Create resilient architectures
6. Maintain vendor leverage
7. Future-proof your cloud strategy
8. Multi-cloud happens
Public Cloud Usage – All Respondents
Public Cloud Usage, % of Respondents Running Applications (Running apps / Experimenting / Plan to use)
• HP Helion Public Cloud: 2% / 5% / 6%
• IBM SoftLayer: 5% / 8% / 7%
• VMware vCloud Air: 5% / 10% / 8%
• Google IaaS: 5% / 16% / 13%
• Google App Engine: 8% / 13% / 10%
• Azure PaaS: 9% / 13% / 13%
• Rackspace Public Cloud: 11% / 9% / 9%
• Azure IaaS: 12% / 17% / 12%
• AWS: 57% / 17% / 7%
Source: RightScale 2015 State of the Cloud Report
Public Cloud Usage YoY – All Respondents
Public Cloud Usage 2015 vs. 2014, % of Respondents Running Applications (2015 / 2014)
• HP Helion Public Cloud: 2% / 4%
• IBM SoftLayer: 5% / 4%
• VMware vCloud Air (vCHS): 5% / 8%
• Google IaaS: 5% / 4%
• Google App Engine: 8% / 9%
• Azure PaaS: 9% / 7%
• Rackspace Public Cloud: 11% / 12%
• Azure IaaS: 12% / 6%
• AWS: 57% / 54%
Source: RightScale 2015 State of the Cloud Report
Public Cloud Usage – Enterprises
Enterprise Public Cloud Usage, % of Respondents Running Applications (Running apps / Experimenting / Plan to use)
• HP Helion Public Cloud: 2% / 7% / 6%
• IBM SoftLayer: 6% / 11% / 6%
• Google IaaS: 7% / 13% / 11%
• Google App Engine: 9% / 12% / 9%
• VMware vCloud Air: 10% / 14% / 10%
• Rackspace Public Cloud: 10% / 10% / 7%
• Azure PaaS: 15% / 20% / 14%
• Azure IaaS: 19% / 23% / 13%
• AWS: 50% / 20% / 7%
Source: RightScale 2015 State of the Cloud Report
AZURE VS. AWS: IAAS RESOURCES AND IAAS+ SERVICES
AWS and Azure Global Regions
Map legend: Microsoft Azure (17), Amazon Web Services (10)
Locations shown on map: Singapore, Hong Kong, Tokyo, Osaka, DC Area, SF Area, Dublin, Amsterdam, Oregon, São Paulo, Beijing, Sydney, Frankfurt, Melbourne, Iowa, Illinois, Texas, Virginia
Source: AWS and Azure documentation
IaaS Resources: Compute
Amazon Web Services | Microsoft Azure
General Purpose (T2, M3) | General Purpose (A-series)
Compute Optimized (C3, C4): 36 vCPU x 60 GB | Compute Optimized (A11): 16 vCPU x 112 GB; Network Optimized (A9): 16 vCPU x 112 GB x 40Gb Infiniband
Memory Optimized (R3): 32 vCPU x 244 GB | Compute Optimized (D-series): 16 vCPU x 112 GB
Storage Optimized (I2): 32 vCPU x 244 GB x 6.4TB SSD | Storage Optimized (DS): In Preview
Dense Storage (D2): 32 vCPU x 244 GB x 48 TB | Performance Optimized (G-series): 32 vCPU x 448 GB
IaaS Resources: Storage
Amazon Web Services | Microsoft Azure
S3 Object Storage: 11-9s durability (FAQ); 3-9s availability; Reduced redundancy option; Geo-redundancy option | Standard Storage Account: Blob, Table, Queue Storage; File Storage; Local, Zone, Geo redundancy option; 3-9s availability
EBS Block Storage (Volumes): Magnetic; SSD; Provisioned IOPS; Encryption option | Premium Storage Account: In preview; 50K IOPS per VM, < 1ms latency; Locally Redundant
Glacier Archival | Azure Backup
Import / Export Methods | Import / Export Methods
IaaS Resources: Network
Amazon Web Services | Microsoft Azure
Virtual Private Cloud (VPC) | Virtual Network
VPN | Point-to-Site, Site-to-Site
Direct Connect | ExpressRoute
Elastic Load Balancer | Traffic Manager / Azure Load Balancer
Route 53 | Bring your own
IaaS+ Services: Databases / Data Warehouse
Amazon Web Services | Microsoft Azure
RDS | Azure SQL
DynamoDB | Azure Tables
ElastiCache | Azure Cache
Redshift | SQL Server Data Warehouse
Aurora |
IaaS+ Services: Other Key Services
Amazon Web Services | Microsoft Azure
Identity and Access Management (IAM) | Azure Active Directory
CloudWatch | Azure Monitoring
Workload Placement Concepts
Amazon Web Services | Microsoft Azure
Availability Zones | Availability Sets: Fault Domain; Update Domain
Placement Group | Affinity Group
Continuous Delivery
Amazon Web Services | Microsoft Azure
CodeDeploy; CodeCommit; CodePipeline | Visual Studio Online (VSO); Team Foundation Server (TFS)
Pricing Models (Compute)
On-Demand Pricing
• Amazon Web Services
  • Free Tier
  • Per Hour
  • No charge for “Stopped”
  • Pay for EBS volume
• Microsoft Azure
  • Free Trial
  • Per-Minute
  • “Stopped (Allocated)” bills for VM, not SW
  • No charge for “Stopped (De-Allocated)”
Discount Options
• Amazon Web Services
  • Reserved Instances
    • All upfront (largest discount)
    • Partial upfront
    • No upfront
  • RI Volume Discounts
    • $500K-$4M = 5%
    • $4M-$10M = 10%
    • >$10M = contact AWS
  • Spot Instances
  • RI Marketplace
• Microsoft Azure
  • Through Resellers
  • Enterprise agreement
    • Upfront monetary commitment to Azure.
    • Consumed throughout the year by using any Azure services
    • Billed for overages at EA rate
  • MSDN (per month credit)
  • BizSpark
NETWORK TOPOLOGY
AWS VPC: Basics and Definitions
• VPC: Virtual Private Cloud
• Subnets: Range of IP addresses in your VPC
• Network ACLs: Network Access Control Lists applied to subnets
• Route tables: Applied to subnet(s), specifying routing rules
• Security groups: Specify inbound/outbound access policies for EC2 instances
• AZ: Availability Zone
• IGW: Internet gateway, provides access to the Internet
• VPC Peering: Private routing between two VPCs
• VGW: Gateway to enable customer connection
When to use VPC? Always! It’s the default.
Anatomy of AWS VPC
Steps to Create an N-Tier Architecture
• Create a VPC
• Create one or more Subnets in AZs
• Create Route Tables and Network ACLs for these subnets
• Create Security groups that can be used with VM launch
• Route the public Subnet to an IGW
• Launch VMs in these Subnets + Availability Zones + Security group
Diagram labels: AZ1; Public subnet; Private subnet (x2); IGW; LB; App tier; DB tier; Master
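Added example (not from the original slides): a small Python audit of the N-tier layout that the steps above build, run against a constructed description of one AZ. The dictionary layout, resource names, ports and the per-tier source policy are assumptions made for illustration; the code does not call AWS.

```python
ANY = "0.0.0.0/0"

# Assumed policy: the LB is Internet-facing, the app tier accepts only the LB's
# security group, the DB tier accepts only the app tier's security group.
ALLOWED_SOURCES = {"lb": {ANY}, "app": {"sg-lb"}, "db": {"sg-app"}}

# Constructed sample with two deliberate mistakes in the DB tier.
SAMPLE_VPC = {
    "subnets": {
        "public-az1": {"public": True,
                       "routes": [{"dest": ANY, "target": "igw-example"}]},
        "app-az1": {"public": False,
                    "routes": [{"dest": "10.0.0.0/16", "target": "local"}]},
        "db-az1": {"public": False,
                   "routes": [{"dest": ANY, "target": "igw-example"}]},
    },
    "security_groups": {
        "sg-lb": {"tier": "lb", "inbound": [{"port": 80, "source": ANY}]},
        "sg-app": {"tier": "app", "inbound": [{"port": 8080, "source": "sg-lb"}]},
        "sg-db": {"tier": "db", "inbound": [{"port": 3306, "source": "sg-app"},
                                             {"port": 3306, "source": ANY}]},
    },
    "instances": {
        "lb-1": {"subnet": "public-az1", "sg": "sg-lb"},
        "app-1": {"subnet": "app-az1", "sg": "sg-app"},
        "db-master": {"subnet": "db-az1", "sg": "sg-db"},
    },
}


def audit(vpc):
    """Return sorted findings for routes, security groups and placement."""
    findings = []
    for name, subnet in vpc["subnets"].items():
        to_igw = any(r["dest"] == ANY and r["target"].startswith("igw-")
                     for r in subnet["routes"])
        if to_igw and not subnet["public"]:
            findings.append(f"subnet {name}: private subnet has default route to IGW")
        if subnet["public"] and not to_igw:
            findings.append(f"subnet {name}: public subnet has no route to IGW")
    for sg_id, sg in vpc["security_groups"].items():
        for rule in sg["inbound"]:
            if rule["source"] not in ALLOWED_SOURCES[sg["tier"]]:
                findings.append(f"{sg_id}: {sg['tier']} tier accepts port "
                                f"{rule['port']} from {rule['source']}")
    for inst, cfg in vpc["instances"].items():
        tier = vpc["security_groups"][cfg["sg"]]["tier"]
        if vpc["subnets"][cfg["subnet"]]["public"] and tier != "lb":
            findings.append(f"instance {inst}: {tier} tier placed in public subnet")
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(SAMPLE_VPC):
        print(finding)
```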
AWS: Highly-Available 3-Tier application
Diagram labels: DNS; IGW; LB; AZ1, AZ2; Public subnet (x2); Private subnet (x4); App tier (x2); DB tier; Slave DB
Azure Virtual Network: Basics and Definitions
• Virtual Network: Virtual Private Cloud
• Traffic Manager: DNS level load balancing
• Azure Endpoints: Port-forwarding rules for Azure VMs
• Load-balanced sets: Applied to subnet(s), specifying routing rules
• Network Security groups: Specify inbound/outbound access policies for VMs
• IP addressing: Instance level PIP, VIP, Reserved Private IP
• Virtual Network Gateway
When to use Virtual Networks?
• For On-Premises or VNET-to-VNET connectivity
• Your VMs need to communicate directly with each other on a private network
RightScale recommends use of Virtual Networks for all use-cases
Anatomy of Azure Virtual Networks
Steps to Create an N-Tier Architecture
• Create a Virtual Network
• Define Availability Sets
• Create one or more Subnets
• Launch VMs in these Subnets + Availability sets
• Define Endpoints for public access
• Create Load-balanced sets for VMs in various tiers and assign them to endpoints
• Create Traffic Manager profile for geo-distributed workloads
Diagram labels: Availability set (x2)
Azure: Highly-Available 3-Tier application
Diagram labels: Traffic Manager; Service endpoint; port 80; port 8080 (x2); Virtual Network; Affinity group / Region; Availability set (x2); App-Subnet-Private; DB-Subnet-Private; NSG (x2); Primary; Mirror
INTEGRATION TO ON-PREMISES
AWS: On-Premises Integration over VPN
AWS Direct Connect: On-Premises Integration
Azure Pack / Cloud Platform System (CPS)
• Benefits
  • Azure compatible on-premises cloud
  • Portability to Azure public cloud
  • Ease of connectivity to public
• Who should use it?
  • MSFT System Center users managing Hyper-V fleet
  • CPS is all-integrated hardware-based solution
Azure ExpressRoute: On-Premises Integration
• Connect On-Prem or Co-Lo to Azure public cloud
• Does not go over public Internet
• Better security, speed
• SLA is 99.9%
• Network Service Providers can offer up to 1Gbps
• Exchange Service Providers can offer up to 10Gbps
Azure Site-to-Site
Diagram labels: On-premises network; VPN device; Your Public IP; Address space ww.xx.yy.zz/n; Site-to-site VPN connection; Azure Public IP; VirtualNetworkName (Address space: ww.xx.yy.zz/n, DNS server: ww.xx.yy.zz); SubnetName ww.xx.yy.zz/n (x3); Gateway Subnet ww.xx.yy.zz/n
MULTI-CLOUD MANAGEMENT
Match Application Requirements to Clouds
Diagram labels:
• Application Portfolio: App 1, App 2, App 3, App 4, App 5, … App n
• Requirements Filters: Performance, Cost, Compliance, Geo-location, Security
• Resource Pools: Public Cloud 1, Public Cloud 2, Hosted Private, Internal Private, Virtualized
• Other labels: Vendors; Existing DC; App 1 through App 7 placed across the resource pools
Broker Cloud Services with RightScale
Diagram labels:
• RightScale Cloud Portfolio Management: Self-Service, Cloud Analytics, Cloud Management
• Multi-Cloud Orchestration & Governance: Design, Automate, Operate, Deploy, Report, Optimize
• Virtualized Environments, Public Clouds, Private Clouds, Other Services
Configuring Complete Cloud Systems
Diagram labels: DNS; Load Balancers; App Servers; Master DB; Slave DB; Replicate >
Configure a system:
• Cloud Application Template (CAT)
Configure a server:
• ServerTemplates (portable)
• Docker container (portable)
• AMI
• CF
• VM template
Configuring Servers for Portability
Diagram labels: AWS, Azure, Google, CloudStack, OpenStack, vSphere; Multi-Cloud Image; Configuration Scripts; Containers
• Definitive Guide to Cloud Portfolio Management
• www.rightscale.com/cloud-portfolio-management-guide
Q&A
