Following on from Brad Anderson’s keynote speech on Empowering Your Journey to the Cloud was my next session – “Extend your Datacenter to the Cloud with Simon Davies.
As with the keynote this was a packed event.
Extend your datacenter to the cloud
Simon Davies began the presentation by highlighting the Azure strategy. If you’re an experienced Azure use then you’re probably already aware of much of the content.
- IT Pro’s and their challenges
- Azure from the ground up
- Datacentres, computers, storage, networks
- Moving up the stack to Platform Services
The public cloud is centred mainly around a shared responsibility. Whereas customers are responsible for the core components on premise (compute, storage, networking), Microsoft takes care of this in Azure. The customer still takes care of the OS, middleware, runtime and data.
Using PaaS, customers are still responsible for applications and data. With SaaS, the vendor takes care of everything.
IT leaders are thinking:
- Datacentres are too expensive
- Datacentres are over-provisioned
- This public cloud thing… is it cheaper? More complicated? Insecure?
How Microsoft Can Help
Microsoft’s Public Cloud Platform, Azure, has been around since 2009 and is built on global datacentres. It consists of infrastructures services, platform services and hybrid operations.
However the service doesn’t end there. Microsoft is bringing the stack back to your premises with Azure Stack. Continuous Improvement – lessons learned in the public cloud – can be fed back to the on-premises Azure Stack.
Microsoft’s infrastructure is certainly impressive:
- 100+ datacentres
- Top 3 networks in the world
- 22 live regions (some Government only)
- Twice as many regions as AWS, six times as many as Google
- Four more regions to come
- The largest VM in the World… 32 cores, 448GB RAM
If you choose to deploy services in one region you can automatically enable replication to another region for disaster recovery.
Each region is autonomous with regards to power and storage.
On top of the global infrastructure is compute (VMs and Container Service), storage (BLOB storage, Azure files and premium storage for guaranteed performance) and networking (including DNS services, load-balancers, VPN Gateways). Customers can also using existing telco providers to connect their on-premise networks to Azure. Site-to-site VPN networks are also available.
Simon then gave a live demo of the Azure Portal and IaaS. It’s important to note that whilst the portal is quick and easy, it’s not the only way to access Azure services. Command-line utilities exist, along with REST APIs.
Creating a new Windows Server 2012 R2 server was simply a case of filling out six boxes and clicking OK. Numerous virtual machine sizing options are available.
Once up and running, customers can access their newly-created Azure virtual machine by downloading a custom RDP file. Similarly Linux (in this case Red Hat) machines can be accessed using SSH.
Ironically, Simon’s VM failed to deploy…
On top of the Infrastructure Services are the Platform Services, of which some of them are:
- Services Compute
- Media & CDN
- Web & Mobile
- Developer Services
- Analytics & IoT
Microsoft is keen to stress their Trust and Control. This includes physical components, such as security staff, cameras and alarms, two-tier access control etc.
At the infrastructure level, Microsoft use operational security controls, red/blue team security challengers and forensics.
At the network level there are ACLs, security appliances and isolated VNets.
Finally at the VM level there are encrypted keystores and the like.
Microsoft Azure adheres and indeed embraces the following standards:
- ISO/IEC 27001
- SOC 1 & 2
- FIPS 140-2
- UK G-Cloud
There are a number of benefits to using a an ecosystem such as Azure. Examples include the marketplace for vendors, billing on your terms, integrated and consistent management and ease of deployment.
The next session is “Windows 10 in the Enterprise“.