Azure Logbook

José Ángel Bolaño @ Software Craftsmanship CLM

Upload: jose-angel-bolano-rucabado

Post on 18-Jan-2017



What will we cover today?

- Introduction to Azure
- Comparison with AWS
- Real enterprise experiences on Azure

My technology services stack in 2016

About Office 365

It is actually Azure too.
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map

Office 365

https://twitter.com/xGokan/status/809338540790157312

Main cloud computing providers

- 2002: AWS
- 2006: Rackspace Cloud
- 2009: Azure
- 2011: Google Cloud
- 2014: IBM Bluemix (PaaS)

More providers: https://en.wikipedia.org/wiki/Category:Cloud_computing_providers

Why choose Azure?

- Easy to use when coming from the Microsoft stack.
- Pay-per-use and enterprise agreements (Enterprise Agreement) that reduce the cost even further.
- Good enterprise support.
- High availability, very secure infrastructure.
- Supports a large number of regions across its datacenters.
- Large number of certifications.

=> The default option if you are on the Microsoft stack or are a large non-technology company (90% of the Fortune 500).

https://azure.microsoft.com/es-es/regions/
https://azure.microsoft.com/en-us/overview/datacenters/

Why NOT choose Azure? (my opinion)

- Micro$oft's bad press.
- Fear of vendor lock-in (especially in PaaS).
- Slightly higher cost in some cases (vs Amazon and Google).
- Amazon is better oriented and positioned in IaaS.
- Fear of loss of control on the part of IT (applies to the whole cloud).

Important details

- Which typical profiles use Azure?
  - Enterprise: https://azure.microsoft.com/es-es/pricing/enterprise-agreement/
  - Startups: https://msdn.microsoft.com/es-es/start-ups.aspx
- What does it cost?
  - Pay-per-use, agreements and discounts (EA, Developer, Spark).
  - Proprietary software licenses included in many cases.
  - Cost calculator: https://azure.microsoft.com/en-us/pricing/calculator/
- How stable is it?
  - Service availability: 99.9%-99.95%. Depends on the service: https://azure.microsoft.com/en-us/support/legal/sla/summary/

Service catalog: AWS vs Azure

Azure

https://azureplatform.azurewebsites.net/en-us/

AWS

Compute (1/12)
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map

| Subcategory | AWS Service | Azure Service | Description |
|---|---|---|---|
| Virtual servers | EC2 | Virtual Machines | Virtual servers allow users to deploy, manage, and maintain OS and server software. Instance types provide combinations of CPU/RAM. Users pay for what they use with the flexibility to change sizes. |
| Container management | EC2 Container Service | Container Service | A container management service that supports Docker containers and allows users to run applications on managed instance clusters. It eliminates the need to operate cluster management software or design fault-tolerant cluster architectures. |
| Web application | Elastic Beanstalk | Web Apps; Cloud Services | A fully managed web infrastructure that provides the underlying web server instances and surrounding security, management, resilience, and shared storage capabilities. |
| Auto scale | Auto Scaling | VM Scale Sets; App Service AutoScaling | Lets you automatically change the number of instances providing a particular compute workload. You set defined metric and thresholds that determine if the platform adds or removes instances. |
| Virtual server disk infrastructure | Elastic Block Store (EBS) | Page Blobs; Premium Storage | Provides persistent, durable storage volumes for use with virtual machines, and offers the option to select different underlying physical storage types and performance characteristics. |
| Backend process logic | Lambda | Functions; Web Jobs; Logic Apps | Used to integrate systems and run backend processes in response to events or schedules without provisioning or managing servers. |
| Job-based applications | | Batch | Orchestration of the tasks and interactions between compute resources that are needed when you require processing across hundreds or thousands of compute nodes. |
| Microservice-based applications | | Service Fabric | A compute service that orchestrates and manages the execution, lifetime, and resilience of complex, inter-related code components that can be either stateless or stateful. |
| API-based application runtime | | API Apps | Build, manage, and host APIs enabling a variety of languages and SDKs with built-in authentication and analytics. |
| Disaster recovery | | Site recovery | Automates protection and replication of virtual machines. Offers health monitoring, recovery plans, and recovery plan testing. |
| Predefined templates | AWS Quick Start | Azure Quickstart Templates | Community-led templates for creating and deploying virtual machine-based solutions. |
| Marketplace | AWS Marketplace | Azure Marketplace | Easy-to-deploy and automatically configured third-party applications, including single virtual machine or multiple virtual machine solutions. |

Storage and Content Delivery Services (2/12)
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map

| Subcategory | AWS Service | Azure Service | Description |
|---|---|---|---|
| Object storage | S3 | Blob Storage | Object storage service, for use cases including cloud applications, content distribution, backup, archiving, disaster recovery, and big data analytics. |
| Shared file storage | Elastic File System (Preview) | File Storage | Provides a simple interface to create and configure file systems quickly, and share common files. It's shared file storage without the need for a supporting virtual machine, and can be used with traditional protocols that access files over a network. |
| Archiving and backup | N/A (software); Glacier and S3 (storage) | Backup (software); Blob Storage (storage) | Backup and archival solutions allow files and folders to be backed up and recovered from the cloud, and provide off-site protection against data loss. There are two components of backup: the software service that orchestrates backup/retrieval and the underlying backup storage infrastructure. |
| Hybrid storage | Storage Gateway | StorSimple | Integrates on-premises IT environments with cloud storage. Automates data management and storage, and supports disaster recovery. |
| Data transport | Import/Export Snowball | Import/Export | A data transport solution that uses secure disks and appliances to transfer large amounts of data. Also offers data protection during transit. |
| Content delivery | CloudFront | Content Delivery Network | A global content delivery network that delivers audio, video, applications, images, and other files. |

Databases (3/12)
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map

| Subcategory | AWS Service | Azure Service | Description |
|---|---|---|---|
| Relational database | RDS | SQL Database | Relational database-as-a-service (DBaaS) where the database resilience, scale, and maintenance are primarily handled by the platform. |
| NoSQL database | DynamoDB | DocumentDB | A NoSQL document database service that automatically indexes JSON data for applications that require rich query and multi-document transactions. |
| Data warehouse | Redshift | SQL Data Warehouse | A fully managed data warehouse that analyzes data using business intelligence tools. It can transact SQL queries across relational and non-relational data. |
| Table storage | DynamoDB; SimpleDB | Table Storage | A non-relational data store for semi-structured data. Developers store and query data items via web services requests. |
| Caching | ElastiCache | Azure Redis Cache | An in-memory based, distributed caching service that provides a high-performance store typically used to offload non-transactional work from a database. |
| Database migration | Database Migration Service (Preview) | SQL Database Migration Wizard | Typically is focused on the migration of database schema and data from one database format to a specific database technology in the cloud. |

Networking Services (4/12)
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map

| Subcategory | AWS Service | Azure Service | Description |
|---|---|---|---|
| Networking | Virtual Private Cloud | Virtual Network | Provides an isolated, private environment in the cloud. Users have control over their virtual networking environment, including selection of their own IP address range, creation of subnets, and configuration of route tables and network gateways. |
| Domain name system (DNS) | Route 53 | DNS; Traffic Manager | A service that hosts domain names, plus routes users to Internet applications, connects user requests to datacenters, manages traffic to apps, and improves app availability with automatic failover. |
| Dedicated network | Direct Connect | ExpressRoute | Establishes a dedicated, private network connection from a location to the cloud provider (not over the Internet). |
| Load balancing | Elastic Load Balancing | Load Balancer; Application Gateway | Automatically distributes incoming application traffic to add scale, handle failover, and route to a collection of resources. |

Developer Tools (5/12)
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map

| Subcategory | AWS Service | Azure Service | Description |
|---|---|---|---|
| Development tools | AWS Toolkit for Microsoft Visual Studio; AWS Toolkit for Eclipse | Visual Studio | Development tools to help build, manage, and deploy cloud applications. |
| Dev-Test | Development and Test | Development and Test | Creates consistent development and test environments through a scalable, on-demand infrastructure. |

Management Tools (6/12)
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map

| Subcategory | AWS Service | Azure Service | Description |
|---|---|---|---|
| Deployment orchestration | OpsWorks; CloudFormation | Resource Manager; Automation; VM extensions | Configures and operates applications of all shapes and sizes, and provides templates to create and manage a collection of resources. |
| Management and monitoring | CloudWatch; CloudTrail | Log Analytics; Azure portal; Application Insights | Management and monitoring services for cloud resources and applications to collect, track, store, analyze, and deliver metrics and log files. |
| Optimization | Trusted Advisor | Advisor (preview) | Provides analysis of cloud resource configuration and security so subscribers can ensure they're using best practices and optimum configurations. |
| Job scheduling | | Scheduler | Runs jobs on simple or complex recurring schedules: now, later, or recurring. |
| Catalog service | Service Catalog | | Creates and manages catalogs of approved IT services so users can quickly find and deploy them. |
| Administration | Config | Azure portal (audit logs) | Provides resource inventory, configuration history, and configuration change notifications for security and governance. |
| Programmatic access | Command Line Interface | Azure Command Line Interface (CLI); Azure PowerShell | Built on top of the native REST API across all cloud services, various programming language-specific wrappers provide easier ways to create solutions. |

Security and identity services (7/12)
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map

| Subcategory | AWS Service | Azure Service | Description |
|---|---|---|---|
| Authentication and authorization | Identity and Access Management; Multi-Factor Authentication | Azure AD/Role-based access control; Multi-Factor Authentication | Lets users securely control access to services and resources while offering data security and protection. Create and manage users and groups, and use permissions to allow and deny access to resources. |
| Encryption | Key Management Service; CloudHSM | Key Vault | Creates, controls, and protects the encryption keys used to encrypt data. HSM provides hardware-based key storage. |
| Firewall | Web Application Firewall | Web Application Firewall (preview) | A firewall that protects web applications from common web exploits. Users can define customizable web security rules. |
| Security | Inspector (Preview) | Security Center | An automated security assessment service that improves the security and compliance of applications. Automatically assess applications for vulnerabilities or deviations from best practices. |
| Directory | Directory Service | Azure Active Directory; Azure Active Directory B2C; Azure Active Directory Domain Services | Typically provides user/group properties that can be queried and used in applications. Also can provide capabilities to integrate to on-premises Active Directory services for single sign-on scenarios and SaaS management. |

Analytics services (8/12)
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map

| Subcategory | AWS Service | Azure Service | Description |
|---|---|---|---|
| Big data processing | Elastic MapReduce (EMR) | HDInsight | Supports technologies that break up large data processing tasks into multiple jobs, and then combine the results together to enable massive parallelism. |
| Data orchestration | Data Pipeline | Data Factory | Processes and moves data between different compute and storage services, as well as on-premises data sources at specified intervals. Users can create, schedule, orchestrate, and manage data pipelines. |
| Analytics | Kinesis Analytics (Preview) | Stream Analytics; Data Lake Analytics; Data Lake Store | Storage and analysis platforms that create insights from large quantities of data, or data that originates from many sources. |
| Visualization | QuickSight (Preview) | PowerBI | Business intelligence tools that build visualizations, perform ad-hoc analysis, and develop business insights from data. |
| Machine learning | Machine Learning | Machine Learning | Produces an end-to-end workflow to create, process, refine, and publish predictive models that can be used to understand what might happen from complex data sets. |
| Search | Elasticsearch Service | Search | Delivers full-text search and related search analytics and capabilities. |
| Data discovery | | Data Catalog | Provides the ability to better register, enrich, discover, understand, and consume data sources. |

Mobile services (9/12)
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map

| Subcategory | AWS Service | Azure Service | Description |
|---|---|---|---|
| Pro app development | Mobile Hub (Beta); Cognito | Mobile Apps | Backend mobile services for rapid development of mobile solutions, plus provide identity management, data synchronization, and storage and notifications across devices. |
| High-level app development | | PowerApps | Model-driven application development for business applications with SaaS integration. |
| Analytics | Mobile Analytics | Mobile Engagement | Provides real-time analytics from mobile apps data, highlights app users' behavior, measures app usage, and tracks key trends. |
| Notification | Simple Notification Service | Notification Hubs | A push notification service that delivers messages instantly to applications or users. Messages can be sent to individual devices or can be broadcasted. |

Application services (10/12)
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map

| Subcategory | AWS Service | Azure Service | Description |
|---|---|---|---|
| Email | Simple Email Service | | Lets users send transactional email, marketing messages, or any other type of content to customers. |
| Messaging | Simple Queue Service | Queue Storage; Service Bus queues; Service Bus topics; Service Bus relay | Stores large numbers of messages that can be accessed from anywhere through authenticated calls using HTTP or HTTPS. A queue can contain millions of messages, up to the total capacity limit of a storage account, and may also support more complex topologies such as publish/subscribe. |
| Workflow | Simple Workflow Service | Logic Apps | A state tracker and task coordinator service that allows developers to build, run, and scale background activities using a visual processes flow creation. |
| App testing | Device Farm (Front End) | Xamarin Test Cloud (Front End); Azure DevTest Labs (Back End) | A range of services geared toward the orchestration of dev/test backend server and service application infrastructure, as well as front-end client device and software testing and simulation. |
| API management | API Gateway | API Management | Allows developers to create, publish, maintain, monitor, and secure APIs. Handles processing concurrent API calls, including traffic management, authorization, access control, monitoring, and API version management. |
| Application streaming | AppStream | RemoteApp | Streams and delivers existing applications from the cloud to reach more users on more devices, without any code modifications. |
| Search | CloudSearch | Search | Sets up, manages, and scales a search solution for websites and applications. |
| Media transcoding | Elastic Transcoder | Encoding | A media transcoding service in the cloud that transcodes media files from their source format into versions that play back on devices such as smartphones, tablets, and PCs. |
| Streaming | | Live and on-demand streaming | Delivers content to virtually any device. Offers scalable streaming. |
| Others | | Media Player; Media Indexer; Content Protection | Additional services related to the playing, protection, and analysis of the content within the media service. |

Enterprise applications (11/12)
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map

| Subcategory | AWS Service | Azure Service | Description |
|---|---|---|---|
| Productivity software | WorkSpaces; WorkMail; WorkDocs | Office 365 | Provides communication, collaboration, and document management services in the cloud. |

IoT (12/12)
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map

| Subcategory | AWS Service | Azure Service | Description |
|---|---|---|---|
| Streaming data | Kinesis Firehose; Kinesis Streams | Event Hubs | Services that allow the mass ingestion of small data inputs, typically from devices and sensors, to process and route the data. |
| Internet of Things | IoT (Preview) | IoT Hub | Lets connected devices interact with cloud applications and other devices to capture and analyze real-time data. |

VSO & Azure Marketplaces

If Microsoft does not have the service you need, you can find additional services in the Marketplace, as in the case of Sendgrid. Or sell your own.
https://marketplace.visualstudio.com/items?itemName=louisgerard.slackposter
https://azure.microsoft.com/es-es/marketplace/partners/bitnami/liferay/

- Applications
- Data (formerly DataMarket) and trained algorithms (ML)

Some notes on Azure vs Amazon

- The number of available services gives flexibility but increases the complexity of the ecosystem.
- It is clear that there is a race between Amazon and Microsoft.
- Choosing a service stack that tries to stay compatible is complex, to say the least.
- Each PaaS service offers abstraction. Abstractions have their pros and cons.
- Each service keeps gaining complexity and changing quickly.

Remember: Azure and AWS are just tools

https://twitter.com/jessethanley/status/813904788702183425

BrainSINS's AWS, by Andrés/@avc_conti

http://www.slideshare.net/avcconti/brainsins-and-aws-meetup-keynote

The Azure of an enterprise platform

Working / Planned / Replaced

Virtual Machines for (1/12)

- Integration with third-party SaaS SSO and a peculiar certificate.

Web Apps for (2/12)

- Internal web applications (CMS)
- Running scheduled tasks (WebJobs)

SQL Database for (3/12)

- Storage of the system's relational data
- Guaranteed scalability
- Automatic backups

Storage: Blobs, Tables and Queues for (4/12)

- Blob: storage of files related to the database.
- Tables: storage of logs and caching of tokens.
- Queues: queues of requests to be processed asynchronously.

Search for (5/12)

- Simplify the search architecture
- Improve control over what is indexed and what is not
- Reduce costs (SQL is more expensive)

Virtual Network and Load Balancer for (6/12)

- Needed to connect the virtual machines and ensure high availability.
- So that the IaaS systems are scalable.

Traffic Manager for (7/12)

- To ensure high availability across regions.

Content Delivery Network for (8/12)

- To improve load times and the cost of static web data.

Backup for (9/12)

- Long-term backup of files and data, and for legal reasons.

Site Recovery for (10/12)

- Backup of sites (code) for Disaster Recovery scenarios
- Makes it possible to improve the deployment processes for new applications

Visual Studio Online and Dev Test for (11/12)

- Source code version management
- Load/stress testing

Azure Portal for (12/12)

- Managing the subscription. It is a web app.
- There are actually 2 portals, and it is still necessary to use the old portal.
- Everything that can be automated (PowerShell, API) is better done from the console.

https://buildazure.com/2016/09/20/why-is-the-azure-portal-a-web-app/

Special mention

- Functions (equivalent to AWS Lambda, serverless code) and DocumentDB (equivalent to and compatible with MongoDB)
  - They enable very simple and scalable integration scenarios, such as the one shown by Andrés Velasco (@avc_conti) on AWS.
  - Integration with third-party SaaS will be done with these tools.
- Cognitive Services (Content Moderator for comment moderation and Bing for crawling and indexing web content)

https://www.microsoft.com/cognitive-services/en-us/apis

Architectures: Microsoft recommendations and real-world ones

Architectures recommended by Microsoft

There is an enormous variety of possibilities, but Microsoft usually offers its experience as templates for quick/safe consumption.
https://docs.microsoft.com/en-us/azure/guidance/guidance-ra-app-service

About the templates

- They are a good way to start
- New ones keep appearing and being updated over time
- It is best to start with the simplest and most modular one possible, so you can change it in the future
- Avoid IaaS as much as possible, at least initially

Basic web application

Web application architecture for scalability

Web application architecture for high availability

Running Windows VMs for an N-tier architecture on Azure

Similar to the previous ones but on IaaS, with a much higher cost in development, administration and consumption.

Other architectures

- Systems hybridized with IaaS
- Integration with third-party SaaS
- More information (open to contributions via GitHub): https://docs.microsoft.com/en-us/azure/guidance/guidance-compute-multiple-datacenters

Lessons learned

Typical cases of problems or errors:

- SSL from Azure. Not exportable.
- IaaS and Cloud Services vs PaaS. Trusted certificates and scaling.
- Files in on-premises databases. Cost and scaling vs Blob.
- Stateful applications (session) and scaling.
- Disk speeds.
- Installed applications that do not scale vertically or horizontally.
- Use of non-persistent disk to store persistent data.
- Poor choice of region: http://azurespeedtest.azurewebsites.net/

Things to keep in mind as time goes by

- As the service evolves, some decisions already taken should be reconsidered.
- As the system's requirements change over time, some decisions weigh on you.
- Debt cannot be avoided, but you must be aware of which debts you take on.
- Moral: understand the problem the services solve, and re-evaluate the solutions as new services appear and improve.

Advice after 6 years

- Have a dedicated development team.
- Lean toward PaaS over IaaS.
- Experiment and test before promising and implementing.
- Use support whenever you are in doubt.
- Stay up to date and refactor.
- Automating is better than documenting. Since it is a service, scripts are good documentation. Performance and manual errors under control.

Possible workshops

- Scalable web applications and sticky sessions.
- Automatic deployment to Azure from different providers (GitHub, TFS, etc.).
- Azure Functions. Serverless code.

Documentation
https://docs.microsoft.com/en-us/azure/

Free resources for developers:
https://azure.microsoft.com/es-es/pricing/member-offers/vs-dev-essentials/

Software Craftsmanship CLM