Downloaded 14 times
Uploaded byInCycleSoftware
Hybrid IT With Azure's Cloud Services
The document is a webinar presentation by William H. Salazar on Hybrid IT with Azure's cloud services, covering various networking options such as point-to-site and site-to-site VPNs, Azure Load Balancer, and Traffic Manager for application performance and connectivity. It details cloud service architecture, including virtual networks, routing, and networking costs, while highlighting the benefits of private networks over public ones. The presentation concludes with an invitation for questions and additional resources on consulting services.
Hybrid IT With Azure's Cloud Services
- 1. Webinar: Hybrid IT withAzure’s Cloud Services William H. Salazar Senior ALM Consultant InCycle Software
- 2. We Help Organizations Getto the Next Level ALM MVPs and ALM consultants in six locations
- 3.
- 4. Virtual Networks Point toSite VPN Site to Site VPN Express Route
- 5. Virtual Networks Virtual Network <subnetX> <subnet Y> <subnet Z> DNS Server Microsoft Azure
- 6. VNet to VNet USWest Vnet C US West Vnet B US East Vnet B Internet Connectivity between Virtual Networks Enables rich network topologies in the cloud US East Vnet A US West Vnet A
- 7.
- 8. On-premises Your datacenter Individual computers behind corporatefirewall Point-to-Site VPN Route-based VPN Azure Virtual Network <subnet 1> <subnet 2> <subnet 3> DNS Server VPN Gateway Remote workers Point-to-Site VPNs
- 9. On-premises Your datacenter Individual computers behind corporatefirewall Route-based VPN Azure Virtual Network <subnet 1> <subnet 2> <subnet 3> DNS Server VPN Gateway Remote workers Site-to-Site VPN Site-to-Site VPNs Point-to-Site VPN
- 10. Avoids risks fromexposure to Internet Avoids complexity and added costs Provides lower latency, higher bandwidth and greater availability Private Network Site 1 Site 2 Site 3 Virtual Network VPN Greater networking costs and higher latency Data traverses the Internet to reach public cloud Limited bandwidth Private Network Site 1 Site 1 Site 3 Express Route
- 11.
- 12. Azure Load Balancer •Layer-4 TCP and UDP Traffic Distribution • IaaS / PaaS Tenants • Multiple Endpoints • Service Monitoring • Source NAT
- 13.
- 14. Distribution Mode –Source IP Affinity
- 15. Example – LoadBalancer Configuration
- 16. Internal Load Balancer InternetFacing Multi-Tier Services with Cloud Services
- 17. Internal Load Balancer MultipleCloud Services in a Virtual Network
- 18. Traffic Manager Reduce applicationdowntime Improved app performance, content delivery Distribute use traffic over multiple locations Works with your on-premises datacenter
- 19. Traffic Manager 1 2 3 4 www.contoso.com INCNAME contoso.trafficmanager.net 5 6 DNS 1. User Traffic To Company Domain Name 2. Company Domain Name To Traffic Manager Domain Name 3. Traffic Manager Domain Name & Profile 4. Traffic Manager Process Profile Rules 5. Endpoint Domain Name Sent To User 6. User Calls Endpoint
- 20. Traffic Manager –Failover DNS 1 2 3 4 Check the ordered endpoints CS-A Primary CS-B Standby 1 CS-C Standby 2 CS-D Standby 3 Offline Endpoints Status 1. CS-A Offline 2. CS-B Online 3. CS-C Online 4. CS-D Online
- 21. Traffic Manager –Round Robin DNS 1 2 3 4 Select CS-C (random, based on weight) CS-A CS-B CS-C CS-D Endpoints Weights CS-A 2 CS-B 2 CS-C 5 CS-D 1
- 22. Traffic Manager –Performance DNS 1 2 3 4 Look up latency times CS-A CS-B CS-C CS-D 5 6 IP range US West US East West Europe East Asia … … … … … 131.107.0.0/16 230 ms 180 ms 6 ms 25 ms … … … … … Cloud service Datacenter CS-A East Asia CS-B West Europe CS-C US East CS-D US West Maintain Internet Latency Table 131.107.89.14 Local DNS server
- 23. Virtual IP Address– VIP Reserved Virtual IP Address - RVIP Static Internal IP Address – DIP Public Instance IP Address – PIP
- 24. IP Addressing Overview VirtualIP Address - VIP Dynamic IP Address - DIP foo.cloudapp.net VIP
- 25.
- 26.
- 27. Instance Public IPAddress Why PIP Constraints foo.cloudapp.net VIP
- 28. Network Endpoint ACLs NetworkSecurity Groups Multiple NICs
- 29. Network Endpoint ACLs IP:101. 121.---.255 IP: 127.255. ---.--- IP: 2001:4898:9:2:--- :e60c:b118:--- IP: 111.111. ---.--- 29 IP: 101. 121.---.255 IP: 127.255. ---.--- End Point ACL
- 30. Network Security Groups NamePriority Source IP Source Port Destination IP Destination Port Protocol Access WEB 100 INTERNET * * 80 TCP ALLOW
- 31. Multiple NICs VM Size(Standard Tier) Maximum NICs A3, A6, D3, A8, G3, D12 (4-core VMs except G3-8, A8-8) 2 A4, A7, A9, G4, D4, D13 (8-core VMs except G4-16, A9- 16) 4 G5 (32-core), DS14 (16-core) 8 All other sizes 1
- 32. Questions? William H. Salazar SeniorALM Consultant InCycle Software Los Angeles, CA (714) 493-3210 william.salazar@incyclesoftware.com www.incyclesoftware.com
- 33. Offers Contact us at:info@incyclesoftware.com /InCycleSoftware @InCycleSoftware /company/incycle-software incyclesoftware.com/blog/ Custom Training or Coaching Dev & Test with Azure Jump Start Assessment & Roadmap with AZDPS