Partner Practice Enablement - Overview

This session will focus on integration strategies for applications deployed using Microsoft Azure Websites and Microsoft Azure Cloud Services. Learn how to securely consume services in a virtual machine from your applications.

Audience: IT Professionals, Architects and Developers

Module 1 – Introduction to Microsoft Azure

Module 2 – Microsoft Azure Virtual Machines

Module 3 – Microsoft Azure Networking

Module 4 – Microsoft Azure Active Directory

Module 5 - Cloud Services and Websites

Module 6 - SQL Server and SharePoint

Module 7 - Management and Monitoring

Cloud Services, Websites and

Infrastructure Services

Agenda

Microsoft Azure ComputeVirtual Machines and Cloud ServicesVirtual Machines and WebsitesAzure Websites for IT Professionals

Microsoft Azure Compute

Virtualization

O/S

Hardware

Network

Data

Applications

Firewall

Focus on Application

Microsoft AzureTraditional Datacenter

Web Applications

Data

Websites

Applications

Firewall Rules

Data

Virtual Network

Cloud Services

Virtual Network

Data

Applications

Firewall Rules

O/S

Virtual Machines

Mobile Applications

Data

Mobile Services

Why Integrate?

Application DependenciesAllows development of new applications or migration of existing applications that have dependencies on resources that require virtual machines such as SQL Server, Mongo DB, Oracle etc...

Hybrid ConnectivityUsing Microsoft Azure Virtual Networks to connect to on-premises resources allows for line of business applications hosted in Microsoft Azure.

Cloud Services

Workloads for Cloud Services

Workloads that are designed to be stateless and can be easily scaled to multiple instances

N-Tier Applications are well suited because Cloud Service has superb support for cross role communication and discovery.

Your choice of language and frameworks as long as it runs on Windows.

Workloads that can be deployed in an automated fashion

Cloud Service

Microsoft Azure Service Model Example cloud service configuration with a single web role and a single worker role

VM1 VM2

VM5 VM6

VM9

VM3 VM4

VM7 VM8

VMn

VM1 VM2

VM5

VM3 VM4

VMn

ROLE

VIP Swap

VM1 VM2

VM3 VM4

VM1 VM2

VM3 VM4

Cloud Service 2

Mixing Virtual Machines & Stateless RolesMultiple cloud services with stateless and virtual machines

Cloud Service 1

VM1 VM2

VM5 VM6

VMn

VM1 VM1

VM1 VM2

VM5 VM6

VMn

Virtual Machines and Cloud Services Side by Side

Direct Connectivity Using Virtual NetworkingFor advanced connectivity scenarios such as Active Directory or DCOM

Connect Cloud Apps via VIPsEasily compose services by connecting public endpoints

Connecting Cloud Services via VIPsStrengthsSimplicityTenant AutonomyEasy Local Dev/Test

SQL Data Access Traffic

Through Public

Endpoint

WeaknessesLatency due to extra hopsAccess is controlled port-by-port

WA Web Role

Cloud Service 1

Cloud Service 2

SQL Server

Load Balancer

80

2001-1433

Load Balancer

Secure Endpoints with ACL

DEMOCloud Services VIP Connectivity

Connecting Cloud Services with VNETStrengthsLower LatencyProtect VMs from the open InternetAdvanced Connectivity Requirements

WeaknessesVirtual Network ComplexityMicrosoft Azure provided DNS does not span cloud servicesFor local development and test site to site or point to site is required.

Direct Access

via VNET

FrontEndSubnet

(10.0.0.0/16)

SQLSubnet (10.1.0.0/16)

Load Balancer

80

WA Web Role

Cloud Service1

Cloud Service 2

AD

SQL Mirror

AD Subnet

(10.2.0.0/16)

ContosoVNet (10.0.0.0/8)

DEMOCloud Services Virtual Network Connectivity

Websites

Virtualization

O/S

Hardware

Network

Data

Applications

Firewall

Focus on Application

Microsoft AzureTraditional Datacenter

Web Applications

Data

Websites

Applications

Firewall Rules

Data

Virtual Network

Cloud Services

Virtual Network

Data

Applications

Firewall Rules

O/S

Virtual Machines

Mobile Applications

Data

Mobile Services

Microsoft Azure Web Sites powerful web sites in seconds

start simple• Start Free (up to 10 sites)• Scale up & out as needed• Automatic load balancing

and shared storage across instances

• No Friction

code smart• Classic ASP, ASP.NET, PHP,

Node.js, Java, Python, or any FastCGI Handler

• SQL DB, MySQL, or any NoSQL

• Develop on Windows, Linux, or OSX

go live• Rapid deployments and

iterations• Continuous Integration with

VSO, GitHub, CodePlex, etc.• Built-in Monitoring and

Performance Data• Quick and easy access to logs

Creating a Web Site

QUICK CREATECreates an empty web site

CUSTOM CREATECreates an empty Web Site

Optionally create a SQL Database or MySQL Database linked to the Web Site

Publish directly from source control

FROM GALLERYCreate a new site from an existing framework.

Blogs, CMS, E-Commerce, etc.

Using the Azure Management Portal

Publishing Web SitesFTPFTP Client (ie: FileZilla)Visual Studio

Web DeployVisual Studio

GitUsually Automated via Service Hooks

FTP://

WEBDEPLOY

Automating Web Site DeploymentPublishing with Command Line ToolsMSBuildFTP ScriptsPowerShellCross-Platform Command Line Interface (CLI)Web Deploy Command Line

Publishing from Source ControlGenerally to a staged deployment slot…

Deployment SlotsA separate web site linked to your primary web site.Each deployment slot has it’s own URL and runtime environment.

Staged PublishingPublish updates to your web site into the staging deployment slot.

Run and Test in the Staging slot.

Instantly Swap the Staging and Production Slots• “Go Live”• “Oops!”

Publishing From Source Control

Git or Mercurial repositories are supported.

Connecting Websites via VIPs

StrengthsAccess any backend that can be hosted on a virtual machine.

Access on-premises resources using virtual machine hosted in virtual network.

SQL Data Access Traffic

Through Public Endpoint

WeaknessesVirtual Machine management overhead

Access is controlled port-by-port

Requires Shared or Standard mode with a custom domain to get a persistent IP from websites to secure with an access control list.

Cloud Service

SQL Server

Load Balancer

80

2001-1433

Secure Endpoints with ACL

Load Balancer

Website

LABWebsites with VIP Connectivity

Custom Domains and SSL for Azure Websites

Custom Domains<sitename>.azurewebsites.net

138.91.225.40

Northwind Web Site

Fabrikam Web Site

Contoso Web Site

Custom

RECORD TYPE

NAME VALUE

A contoso.com 138.91.225.40

CNAME www.contoso.com contosoweb.azurewebsites.net

CNAME support.contoso.com contosoweb.azurewebsites.net

CNAME awverify.contoso.com awverify.contosoweb.azurewebsites.net

Configuring Custom DomainsDNS RegistrarAdd A or CNAME Record(s).

Azure Management PortalIn domain names section of the configure page for the web site.

Click the manage domains button.• Add domain name(s)

SSL with Azure Web SitesSSL Provided by Defaulthttps://contosoweb.azurewebsites.net.

SSL with Custom DomainRequires Standard Mode

SSL BindingsServer Name Indication (SNI) SSL• Modern Applications and OS’s capable of using SNI SSL• Multiple domains can share the same IP AddressIP Based SSL• Traditional SSL that supports older applications and OS’s• One domain per IP Address

Configuring SSL in Azure Web SitesObtain certificate(s) from a Certificate Authority.

Upload Certificate(s) to Azure. • .pfx with password

Configure SSL Bindings.

IP Based SSL ConsiderationsDedicated IP Address (inbound)Assigned to the Web Site.

Can be retrieved in the quick glance section of the DASHBOARD page of the web site.

Not the same as the Load Balancer IP Address used when configuring the A Record for a custom domain.• A Record must be updated to use this Virtual IP

Address.

Scaling Websites

Scaling OptionsScale Up Small to Large Instance Sizes

Scale OutAdd Additional InstancesShared Plan: Up to 6 Shared InstancesBasic Plan: Up to 3 Dedicated InstancesStandard Plan: Up to 10 Dedicated Instances

SMALL1 CORE1.75 GB MEMORY1 GB STORAGE

MEDIUM2 CORES3.5 GB MEMORY10 GB STORAGE

LARGE4 CORES7 GB MEMORY50 GB STORAGE

For more information on websites optionshttp://azure.microsoft.com/en-us/pricing/details/websites/

Websites Scalability

Free Shared Basic Standard

Web Sites 10 100 Unlimited Unlimited

Storage 1 GB 1 GB 10 GB 50 GB

Compute Instance Shared Shared Dedicated Dedicated

Scale Out 1 6 3 10

AutoScale No No No Yes

Size CPU Cores Memory

Small 1 1.75 GB

Medium 2 3.5 GB

Large 4 7 GB

Backup and Restore Websites

Backup and Restore FeatureProvides back and restore services for your web site and linked resources (databases).

RequirementsStandard ModeAn Azure Storage Account (same subscription the web site is deployed in)• Backups are stored in Blob storage.

Website BackupHow Backups are InitiatedManual or Automated

Content Included in the BackupWebsite configurationWebsite files (content)Linked Resources (SQL Database, MySQL)

How Backups are StoredAzure Storage Account (blob)• Container name: “websitebackups” A backup consists of a .ZIP file (the backup) and a .XML file (the manifest for the .ZIP).

Website RestoreWebsite Restore TargetsCurrent Website• Existing Website is overwritten

New Website• Creates a new Website in the same region as the original.• Website name is “restored-originalWebsiteName”

Database Restore TargetsNoneRestore to a different database serverRestore to the original database

Site Control Management (“Kudu”)

What is “Kudu”?A Separate Companion/Administrative Web Site to your Web SiteYour Web Site: http://contoso.azurewebsites.netKudu Web Site: https://contoso.scm.azurewebsites.net

AuthenticationOnly the owner of a Web Site can Access the Kudu SiteUse Credentials Associated with your Microsoft Azure Subscription

Every Web Site gets a Kudu Site by DefaultIncluding Staging and Production slots

Security Context

contoso

Cloud Drive

• APP SETTINGS

• CONNECTION STRINGS

• ENVIRONMENT VARIABLES

• SERVER VARIABLES

• SYSTEM INFORMATION

kudu

More About KuduDeveloped as an Open Source Projecthttps://github.com/projectkudu/kuduContribute to it or host your own

Kudu is a “Site Extension”An Extension to your Web SiteIt has access to the file system and runtime environment of your Web Site

Web Site Extension Gallery

Summary

Microsoft Azure ComputeVirtual Machines and Cloud ServicesVirtual Machines and WebsitesAzure Websites for IT Professionals

Suggested Learning ExercisesAssignment Estimated

TimeHands-on Labs and TutorialsConnecting a PaaS application to an IaaS Applicationhttps://github.com/WindowsAzure-TrainingKit/HOL-ConnectingApplications

Connecting a PaaS application to an IaaS Application with a Virtual Networkhttps://github.com/WindowsAzure-TrainingKit/HOL-ConnectingApplicationsVNet

Deploying a .NET Website with a MongoDB Backend on a Virtual Machinehttp://www.windowsazure.com/en-us/documentation/articles/web-sites-dotnet-store-data-mongodb-vm/

• 45 minutes

• 45 minutes

• 45 minutes

VideoIaaS + PaaS = <3http://channel9.msdn.com/Events/TechEd/NorthAmerica/2013/WAD-B325

Microsoft Azure Websiteshttp://channel9.msdn.com/Events/windowsazure/Learn-2012TechEd-EU/WebSites

• 1 hour

• 1 hour

Session Resources

Microsoft Azure Virtual Network Overview

http://msdn.microsoft.com/en-us/library/windowsazure/jj156007.aspx

Instructor Led Training – Microsoft Azure for IT Professionals and Developers

http://www.opsgility.com/courses/itpro-five-day

http://www.opsgility.com/courses/dev-four-day

Network ACL Capability in Microsoft Azure PowerShell

http://michaelwasham.com/windows-azure-powershell-reference-guide/network-access-control-list-capability-in-windows-azure-powershell/

Microsoft Azure ResourcesMicrosoft Partner Learning Path

https://mspartnerlp.mspartner.microsoft.com/LearningPath

Microsoft Azure Friday

http://www.windowsazure.com/en-us/documentation/videos/windows-azure-friday/

Microsoft Virtual Academy

http://www.microsoftvirtualacademy.com

Channel 9 Microsoft Azure

http://channel9.msdn.com/WindowsAzure

Questions

http://stackoverflow.com/questions/tagged/azure

http://social.msdn.microsoft.com/Forums/windowsazure

Coming Up Next . . .SQL Server and SharePoint

Thank You