Dell EMC Cloud for Microsoft Azure Stack
Karsten Bott
Advisory Cloud Platform Specialist, Azure ( Stack )
@azurestack_guy
© Copyright 2017 Dell Inc.
Jeffrey Snover
Technical Fellow Microsoft
Azure Stack Architect
First consistent Hybrid Cloud Platform Virtualization-replacement play
Integrated system with IaaS & PaaS DIY infrastructure
Regularly updated for Azure-consistency Static system you deploy & forget
Truly open and flexible (just like Azure) .NET/Windows only
Why hybrid cloud?
Always available
Real-time updates
Intelligent interactions
ANYWAY
ANYWHERE
ANYTIME
The new digital customer
Intelligent applications are the new face of business
Rising and continuously changing expectations around experiences
Azure Services on premises with Azure Stack
Cloud Foundry
Azure Service Fabric
Azure Functions
Azure App Service
Azure Service Fabric and Azure Container Service will be available post-GA
Storage – Blob, Tables, Queues
Networking
Containers with Docker
Virtual Machines (VM)
VM Scale Sets
Above services will be available at GA
Azure services in your datacenter
Unified app development
One Azure ecosystem
Developers
IT
Azure IaaS on-premises
We will deliver additional Azure services through frequent updates to Azure Stack for continuous innovation
Azure PaaS available on-premises
Solution Introduction
Azure services everywhere
Dell EMC Cloud for Microsoft Azure Stack
Key design principles
Hyper-converged
Integrated system
Closed system
Scale out building blocks
Architecture, hardware and topology
Security and privacy
Deployment, configuration, provisioning
Validation Monitoring, diagnostics
Business continuity
Patching and updating
Field replacement of parts
Software Hardware
Support Services
Azure consistent management – No System Center
Hybrid Design Patterns
Foundational Patterns
Promise
I can build hybrid applications that have components in both Azure and Azure Stack
Requirement
I need connectivity between resources in my on-prem environment and public cloud
Example - Site to Site VPN/Express Route
[Diagram labels: Azure, Azure Stack]
Hybrid CI/CD Pipeline
Promise
I can change my deployment location without changing my application
Requirement
I want to consolidate my CI/CD pipelines across my on-prem environment and the public cloud
Test/Dev Scenarios
I conduct my dev/test efforts where it is most practical without having to retool for public cloud deployments.
[Diagram labels: Azure, Azure Stack, Hybrid CI/CD Pipeline, Repository, Software Code, Infrastructure Code, QA, PROD, CHOICE!]
Cloud Burst Scenarios
I can take advantage of the elasticity of the public cloud when I need to.
Azure
Azure Stack
Hybrid CI/CD
Pipeline
Geo-Distributed Scenarios
I can direct users to the most suitable cloud for their needs.
Azure
Azure Stack
Traffic Manager
Azure Stack
Disconnected Scenarios
I can run completely disconnected from the internet where required.
Live Migration of Workloads?
[Diagram labels: Azure, Azure Stack]
Azure Stack is NOT intended to address this scenario
Compute, Storage, Networking Architecture
Azure Stack architecture summary
Cloud infrastructure
Foundational services: Compute | Storage | Networking | Platform services
Additional services
Core services: Subscriptions | RBAC | Gallery | Metrics | Usage
Extensible service framework
End-user experiences
Guest workload resources (IaaS + PaaS)
Unified app model
Virtual machines (Linux or Windows)
Websites (.NET, PHP, Python … )
Virtual networks
Service fabric clusters
Storage blobs
Compute Storage Networking
Infrastructure management
Additional services
Microsoft Azure Services
Third-party services
14g Scale Units
S\M\L Scale Units
Flexible (capacity and perf) options per scale unit
Low: 12C/24T, 384G Mem, 5.7TB Cache, 40TB Data
Mid: 16C/38T, 576G Mem, 11.5TB Cache, 80TB Data
High: 24C/48T, 768G Mem, 11.5TB Cache, 100TB Data
HCI Node: Capacity configuration options
Developer Edition
Small: ~475 VMs Medium: ~1100 VMs Large: ~1750 VMs
Note: VM sizes based on Azure D1 V2 VMs assuming 4:1 VCPU:CPU ratio
Note: Capacities based on Raw
Included: Services (Integration and Implementation), Software
Deployment
Integration and Implementation
Support
Accelerator Services
Workshops and Implementation
Available Professional Services
1x HCI node
• Cores: 20-24
• Mem: 96-384GB
• Cache: 1440 GB
• Data: 6TB
3 Available Configs
Starter Edition | PaaS Edition | Developer Edition
4x HCI nodes
• Cores: 96-192
• Mem: 1.5TB – 3TB
• Cache: 23 TB- 46TB
• Data: 160TB – 400TB
• 2x10GbE TOR
• 1x 1GbE Mgmt
• 1x R640 Mgmt Node
• N+2 Redundancy
8x HCI nodes
• Cores: 192 – 384
• Mem: 3TB – 6TB
• Cache: 46 TB- 92TB
• Data: 320TB – 800TB
• 2x10GbE TOR
• 1x 1GbE Mgmt
• 1x R640 Mgmt Node
• N+2 Redundancy
12x HCI nodes
• Cores: 288 – 576
• Mem: 4.6TB – 9.2TB
• Cache: 68 TB- 138TB
• Data: 320TB – 1200TB
• 2x10GbE TOR
• 1x 1GbE Mgmt
• 1x R640 Mgmt Node
• N+2 Redundancy
13g/14g Comparison
13g Sizes
Size | Total Cores | Memory (GB) | SSD Cache (GB) | HDD Capacity (GB)
Small | 20 | 256 | 960 | 4000
Medium | 24 | 384 | 1920 | 6000
Large | 28 | 512 | 1920 | 8000
14g Sizes
Size | Total Cores | Memory (GB) | SSD Cache (GB) | HDD Capacity (GB)
Small | 24 | 384 | 960 | 4000
Medium | 32 | 576 | 1920 | 8000
Large | 48 | 768 | 1920 | 10000
Relative Workload Capacities - 13G vs 14G
[Chart: Workload Capacity Comparison. Categories: 13G Small 4 Node, 14G Small 4 Node, 13G Medium 4 Node, 14G Medium 4 Node, 13G Large 4 Node, 14G Large 4 Node. Series: D2 VM (2 VCPU, 7GB RAM), D1 VM (1 VCPU, 3.5GB RAM).]
*Assumes 4:1 VCPU:CPU Ratio.
Services for your entire cloud journey
Scale on multiple fronts with Azure Stack
Example: Global enterprise or service provider
1. One cloud “endpoint”
2. Single region
3. Single scale unit
Resource management
Portal / Azure Resource Manager
2. Multiple regions (future)
3. Multiple scale units per region (future)
[Diagram labels: Region 1, Region 2, Region 3]
*Initially one region and one scale unit per region, future will support multiples
Software defined storage architecture
Storage Spaces Storage Pool
Storage Spaces Virtual Disks
Scale-Out File Server
CSVFS Cluster File System
Software Storage Bus
ReFS On-Disk File System
Virtual Machines
• Storage Spaces Direct
- Single scalable pool with all disk devices (except boot)
- Multiple virtual disks per pool (3-way Mirror)
• Software Storage Bus
- Storage Bus Cache (Cache ratio target is 6 – 10% for WI SSDs and greater than 10% for MU SSDs)
- Leverages SMB3 and SMB Direct
• Servers with local disks
- Dell HBA330 Mini Integrated Storage Controller
- Samsung or Intel SSDs
Software defined and physical network architecture
[Diagram labels: PowerEdge R730xd (x4); Hardware Lifecycle Host - PowerEdge R430; Dell EMC Networking S4048-ON ToR (x2); Dell EMC Networking S3048-ON OOB; To aggregation layer / border layer; Scale unit hosts; HLH; ToR; OOB; Hyper-V; NIC; TEAM; iDRAC]
[Subnet labels: iDRAC Subnet; Switch management Subnet; Infrastructure subnet; Storage subnet; Storage 1; Storage 2; Host Mgmt; Public VIPs subnet; HNV PA; Transit]
Key networking design considerations
Dell EMC networking supports Azure Stack configurations
• Mellanox PCIe Ethernet Adapter in Host
– Dual-port 10 GbE
– RDMA for storage performance
– Offload and converged capabilities on the adapter
• Dell EMC Networking S4048-ON and S3048-ON support for Azure Stack requirements:
– Use BGP to discover SLB subnets on the physical network (or static routes can be employed)
– Data Center Bridging (DCB) to ensure QoS on converged fabric
› Enhanced Transmission Selection (ETS)
› Priority-based Flow Control (PFC)
– Segment OOB management traffic
Monitoring
Hardware Lifecycle Host
Serves 3 Functions
• Initial software deployment of Azure Stack cluster
• Subsequent patch and update orchestration and deployment
• Hardware monitoring via Dell EMC OpenManage Essentials and Network Manager
Hardware monitoring and alerting
Agentless monitoring of hyper-converged hardware using BMC. Solution dependent on hardware vendor.
OpenManage Essentials
OpenManage Network Manager
Azure Stack Health and Alerts
Alerts generated from:
• Internal Health Services
• System Health Tests
Compute and Storage Health and Alerts
• Out of Band monitoring
• Devices and Components
Networking Health and Alerts
HA and DR Considerations
Backup and Recovery
[Diagram labels: IaaS; PaaS; Azure Stack Infrastructure; User defined external SMB3 file share; Admin space; Tenant space; SQL; LRS blob replica, blob snap; SQL VM; VM; Dell EMC Data Protection; Infrastructure backup and restore; Tenant VM backup and restore]
Infrastructure Backup Controller
Azure Stack separates infrastructure data from tenant data
• Tenants of Azure Stack are responsible for protecting their workloads and backing up data
• Infrastructure data from multiple internal services is backed up by Azure Stack using the Infrastructure Backup Controller service
Backup Configuration
• Backup occurs periodically with no admin intervention and no downtime to the portal experience or APIs
• Backup data is stored to an external/off-stamp SMB file share
• Infrastructure backup is enabled at Azure Stack deployment time. A file share UNC path and credentials are required
• After deployment, backup can also be enabled using UI or APIs
• Note: Traditional backup using Microsoft Data Protection Manager and Hyper-V capabilities are not used by Infrastructure Backup Controller
Tenant IaaS Protection
[Diagram labels: Azure Infrastructure; IaaS; PaaS; Admin space; Tenant space; External File Share (A); On-premises Backup Target (B); C; D]
A. Azure Stack Infrastructure Backup/Restore
In scope: Backup and restore of Azure Stack infrastructure service data
Out of scope: Tenant/app data
Backup target: external file share
B. IaaS VM Backup/Restore
In scope: In-guest agent based backup and restore
Out of scope: VM configuration
Backup target: On-prem backup product
C. IaaS VM Backup/Restore
In scope: In-guest agent based backup and restore
Out of scope: VM configuration
Backup target: Cloud backup service
D. IaaS VM Replication/Failover
In scope: In-guest agent based replication
Failover target: Orchestrate failover using ASR from Azure Stack to Azure
At GA: Azure Site Recovery can protect Azure Stack VMs to Azure
After GA: Failback from Azure
Services for your entire cloud journey
GA Fault Domain
Example: Global enterprise or service provider
1. One cloud “endpoint”
2. Single region
3. Single scale unit
Resource management
Portal / Azure Resource Manager
[Diagram label: Region 1]
*Initially one region and one scale unit per region, future will support multiples
Application HA/DR on Azure Stack
In Scope for GA
Scale-unit failover of VMs when a node fails
Scale-unit planned failover of VMs during P&U
Three copies of all tenant data in a scale-unit
Automatic rebuild of data when a disk fails
App across clouds instances for HA/DR
Maintainability: patch & update
• Pre-validated updates for software and firmware by Microsoft and partners.
• Rapid cadence of delivery, customer chooses when to apply. (3 month window)
• Automated application of updates across entire infrastructure.
Security and Compliance
Security Principles: Assume Breach
Constrained administration
• Predefined, whitelisted admin experience
• Fine-grained RBAC
• PowerShell JEA
Locked down infrastructure
• Application whitelisting
• Least-privileged accounts
• No domain admin credentials
• Network ACLs
• No access to infrastructure components
Simplified auditing
• No configuration needed
• Generated and centrally collected
Security Principles: Hardened by Default
• Data at rest encryption
• Network encryption
• Strong authentication between infrastructure components
• Security OS baseline
• Disabled legacy protocols (e.g. NTLM)
• HW security features (e.g. TPM, secure boot, UEFI)
• Windows Server 2016 security features
• Credential Protection (Credential Guard)
• Code Integrity (Device Guard)
• Antimalware (Windows Defender)
Azure Stack Compliance
Technology
Infrastructure
xTenant Applications
xPeople
xProcess
Azure Services Coming to Azure Stack
Azure IaaS on-premises: beyond traditional virtualization
Above services will be available at GA. We will deliver additional Azure services through frequent updates to Azure Stack.
Azure PaaS available on-premises: prescriptive platforms for high productivity development
Azure Service Fabric will be in preview at GA. Other services will be available at GA. We will deliver additional Azure services through frequent updates to Azure Stack.
How are Azure Stack services different?
Azure services on Azure Stack can sometimes contain differences due to the following reasons:
• API Version
• Scale
• Dependencies
• Additional Integration
[Diagram labels: 2015-08-01, 2016-03-01]
Linux Distributions
Marketplace Images
Ubuntu
Bitnami
CentOS CoreOS
SuSE
Build your Own*
Ubuntu
Oracle
RedHat CentOS
Debian
OpenSuSE/ SLES
*Requires Azure Linux Agent 2.1.3+
https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-linux
Secure workloads anywhere in Azure
Policy-based key release
Flexible key management
Leverages OS encryption
Secure VM workloads
Add-on option for data at rest encryption
Windows Server
Active Directory
Azure Key Vault
HSM
KMIP-compliant KMS
KMIP
Optional External Key Stores
CloudLink Center
VM VM VM
*Initially delivered via Dell EMC Consulting Services
What about Pivotal Cloud Foundry?
• One of the largest drivers of Azure Public Consumption
• Microsoft has invested heavily and wants to see this on Azure Stack
• Opens up additional Multi-Cloud options
• It’s on the roadmap and likely a sooner rather than a later