Cloud Strategy

 


Cloud Strategy

 

 

Capabiltiy AWS Azure GC RedHat
Compute – EC2 Customized Xen HV

Import VDH

AWS AMI

PV

– Paravirtualization fast HVM full  on top of their hypervisors

– Organize into Regions, Available Zones & Resource Groups

-Hyper-V Customized 2008 Server
-No import VDHX– Organize into Regions, Availability Sets and  Resource Group which can be all admin by Templates   Azure Resource Manage
availability sets. An availability set is a logical grouping of two or more virtual machines. Updates domain vs fault domain let set which machines could be updating without affect the rest.
Storage  EFS

  • Generally Available (out of preview), but may not yet be available in your region
  • Network filesystem (that means it may have bigger latency but it can be shared across several instances; even between regions)
  • It is expensive compared to EBS (~10x more) but it gives extra features.
  • It’s a highly available service.
  • It’s a managed service
  • You can attach the EFS storage to an EC2 Instance
  • Can be accessed by multiple EC2 instances simultaneously
  • Since 2016.dec.20 it’s possible to attach your EFS storage directly to on-premise servers via Direct Connect. ()

EBS

  • A block storage (so you need to format it). This means you are able to choose which type of file system you want.
  • As it’s a block storage, you can use Raid 1 (or 0 or 10) with multiple block storages
  • It is really fast
  • It is relatively cheap
  • With the new announcements from Amazon, you can store up to 16TB data per storage on SSD-s.
  • You can snapshot an EBS (while it’s still running) for backup reasons
  • But it only exists in a particular region. Although you can migrate it to another region, you cannot just access it across regions (only if you share it via the EC2; but that means you have a file server)
  • You need an EC2 instance to attach it to
  • New feature (2017.Feb.15): You can now increase volume size, adjust performance, or change the volume type while the volume is in use. You can continue to use your application while the change takes effect.

S3

  • An object store (not a file system).
  • You can store files and “folders” but can’t have locks, permissions etc like you would with a traditional file system
  • This means, by default you can’t just mount S3 and use it as your webserver
  • But it’s perfect for storing your images and videos for your website
  • Great for short term archiving (e.g. a few weeks). It’s good for long term archiving too, but Glacier is more cost efficient.
  • Great for storing logs
  • You can access the data from every region (extra costs may apply)
  • Highly Available, Redundant. Basically data loss is not possible (99.999999999% durability, 99.9 uptime SLA)
  • Much cheaper than EBS.
  • You can serve the content directly to the internet, you can even have a full (static) website working direct from S3, without an EC2 instance

S3 Standard-Infrequent Access

  • Amazon S3 Standard-Infrequent Access (S3 Standard-IA) is an Amazon S3 storage class for data that is accessed less frequently, but requires rapid access when needed

Glacier

  • Long term archive storage
  • Extremely cheap to store
  • Potentially very expensive to retrieve
  • Takes up to 4 hours to “read back” your data (so only store items you know you won’t need to retrieve for a long time)

As it got mentioned in JDL’s comment, there are several interesting aspects in terms of pricing. For example Glacier, S3, EFS allocates the storage for you based on your usage, while at EBS you need to predefine the allocated storage. Which means, you need to over estimate. ( However it’s easy to add more storage to your EBS volumes, it requires some engineering, which means you always “overpay” your EBS storage, which makes it even more expensive.)

Azure File Service

is targeted more to internal file handling. With internal I mean mounting a directory to a VM in the cloud or on-premises so it can be loaded in you back-end (SMB based protocol).

 

Blob storage

For sharing files with end-users (web or apps) it probably makes more sense to use blob storage as this simplifies downloading through a URL and securing download through Shared Access Signatures

Pricing: Blob storage is much cheaper than file storage.

Portability: With blob storage if you decide to migrate to a diff platform in future you may have to change your app code but with File storage you can migrate your app to any other platform that supports SMB (assuming you are using native file system APIs in your app)

Database Support RDS & NoSQL
Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, SAP ASE, SQL Server, DynamoDB, RedShift
Scalable in 2 clicks
Recovery in 2 clicks
Automatic Migration Tool Between RDS   & NoSQL & Cube.
Migration
Networking & Content Delivery Virtual networks

Azure Virtual Network is a fundamental component that acts as an organization’s network in Azure.

IP addresses

VMs, Azure load balancers, and application gateways in a single virtual network require unique IP addresses
Private IP addresses. Dimamically or static
Public IP: Public IP addresses allow Azure resources to communicate with external clients,

Network Interface Card

Virtual NICs configure VMs with private and optional public IP address.

DNS

resolve user-friendly fully qualified domain names (FQDNs), such as www.adatum.com, to IP addresses.

Azure load balancer and internal load balancer

To increase availability and scalability.
Internal load balancer: enables you to load balance traffic between VMs.
Internet-facing load balancer. The internet-facing load balancer enables.

 

Application gateway

Application gateways provide load-balanced solutions for network traffic that is based on the HTTP protocol, Session Affinity.

Traffic Manager

Microsoft Azure Traffic Manager is another load-balancing solution that is included within Azure. You can use Traffic Manager to load balance between endpoints that are located in different Azure regions.

Network security groups

You can use network security groups to provide network isolation for Azure resources by defining rules that can allow or deny specific traffic to individual VMs or subnets.

User Defined Routes

User Defined Routes (UDR) control network traffic by defining routes that specify the next hop of the traffic flow.

Forced Tunneling

With forced tunneling you can redirect internet bound traffic back to the company’s on-premises infrastructure for audit.

Regional virtual networks

Azure Virtual Network is bound to Azure subscriptions and it is not possible for multiple subscriptions to use the same Azure virtual network. If you need to provide communications between different Azure subscriptions, you need to create separate Azure virtual networks in each subscription and then use site-to-site virtual network connections or the Microsoft Azure service ExpressRoute, to connect them.

Cross-premises network connectivity

Virtual networks in Microsoft Azure also enable you to extend your on-premises networks to the cloud. To extend your on-premises network, you can create a virtual private network (VPN) between your on-premises computers or networks and an Azure virtual network. Alternatively, you can use ExpressRoute to provide a connection to an Azure virtual network that does not cross the Internet.

Management Tools CLI AWS

AWS CloudFormation

AWS CloudFormation Designer.

For Templates Admin

(2) AWS Admin Console (Portal)

(3) AWS API Rest

CLI Azure (windows, linux, mac)

PowerShell Templates AR

Classic Portal

New Portal
(3) Azure Resource Explorer– Web base tool help us to see our machines state and scaled details based on API Rest (e.g. the IP of machine)
(4) API Rest

Artificial Intelligence
Security, Identity & Compliance
Mobile Services
Messaging
Desktop & App Streaming
Internet of Things
Software AWS Marketplace

 

Images Supported

https://aws.amazon.com/es/ec2/vm-import/

AWS – VM Import/Export le permite importar imágenes de máquina virtual con facilidad desde el entorno existente a las instancias de Amazon EC2 y volver a exportarlas al entorno on-premise  (VHD – fue creado por Connectix para Virtual PC). Soporta VMware ESX o Workstation, Microsoft Hyper-V y Citrix Xen

AWS AMI

Paravirtualization, on the other hand, is a lighter form of virtualization. This technique is fas

HVM guests are fully virtualized. It means that the VMs running on top of their hypervisors

 

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/classic/createupload-vhd

Azure – Must come from Hyper-V virtual Machines, but VHDX not supported.

VHD must be a fixed size. Sysprep is necessary (effect to all new installations is used to start a new clean Windows OS to recognize all HW, it is HW independence).

 

          

Storage

Amazon S3 vs. Amazon Glacier

Unlike Amazon’s Elastic Block Store (EBS) or the local file system of your traditional PC, where data is managed in a directory hierarchy, Amazon S3 treats the data as individual objects. The abstraction of the lower storage layers and the separation of the data from their metadata come with a series of benefits. On the one hand, Amazon can provide a highly durable storage service for the fraction of the cost of bulk storage. It also only pays for the amount of storage it actually uses. Therefore, it is not necessary for you to guess and pre-allocate the disk space

Pure Glacier vs. S3 Glacier

At this stage, we must highlight the difference between the “pure” Amazon Glacier service and the Glacier storage class within Amazon S3. You can access the S3 objects that have been moved to the Glacier storage using the S3 Lifecycle policies (or say they have been restored) using the S3 API endpoints. As such, they are still managed as objects within S3 buckets, instead of Archives in Vaults, which is Glacier terminology. This differentiation is important when looking at the cost of services. While Amazon Glacier is much cheaper than S3 in storage, the charges are approximately ten times greater for file and restore requests. This iterates the store once, recovers the pattern rarely.

Strategy Points

 

 

  • Is the Virtual Machine and adequate load to carry to Cloud?
  • Azure
      • Azure not recommend low load process on Virtual Machines, better on-premise.
      • VM On-premise Hyper-V Vs Azure:
        • Azure is not based exactly in Hyper-V, its use Windows Server 2008 and a customized version of Hyper-V, known as the Microsoft Azure Hypervisor to provide virtualization of services.
        • On Azure No Console access, No support for VHDX and update of guest OS, no control of the physical HW to run the image and we can’t set more than 1 virtual network it’s depends of VM size. )
        • When an administrator creates a local Hyper-V VM, they must specify things such as the amount of memory that gets assigned to the VM, the number of CPU cores to use, and the location of the virtual hard disk. Azure virtual machines use similar configuration information, but administrators must deal with hardware allocations in two different way, quality and quantity. The idea is to handle various default settings and leave an Azure making the necessary adjustments based on the characteristics of HW categorized so that the orchestration and the meeting of the same sea is adequate (for example high computing ops).
        • Linux Machines has to be updated by the user apt-get upgrade – Linux

 

        • We have to adjust prices  
        • D1 – D2 – D3 Generic Models of VMs

 

  • Paas?

 

      • Consider Paas Alternatives to run in a VM.

 

  • How Admin the Systems?
  • Azure

 

    • Portal Nuevo. Azure maneja mediante plantillas ARM (Azure Resource Manager), Infraestructura declarativa, que concentra el trabajo de administración (creación de plantillas, roles de seguridad y borrado como una unidad) y facturación. Un grupo puede tener recursos en diferentes regiones. You can use PorwerShell to manage the templates ARM.

 

    • Azure CLI
    • PowerShell
    • Azure CLI vs PowerShell. PowerShell has more capabilities & powerfull, clean develop by scripts structured besides now support linux platforms.  CLI is tool support more platforms. You can use same commands no matter what platform you use: Windows, Linux or Mac.
    • API REST GW

Azure Resource Manager overview

 

    • Aws
    • Oc – rhc

 

 

  • What’s is the right size of the Virtual Machine?

 

 

 

  • How is going to connect?

 

 

    • We are going to connect isoleta autonomy way or will be part of the domain (Internet VPN or Dedicated (Optical)+VPN )

 

 

  • How make a Backup / Security Copy And Restore?

 

 

 

  • How Manage disaster recovery?

 

    • Automated protection and replication of virtual machines
      • Azure Availability sets:  provide redundancy in the application. It is recommended to group two virtual machines or more into an availability pool. This configuration ensures that during a planned or unplanned maintenance event, at least one virtual machine will be available and will meet 99.95% of Azure contracted service levels. Important, VMs must belong to the same resource group.
    • Remote health monitoring
    • Customizable recovery plans
    • No-impact recovery plan testing
    • Orchestrated recovery when needed
    • Replication to—and recovery in—Azure

 

 

  • How configure fault tolerance?

 

 

Costs

 

Azure

Azure is a subscription-based service. You need to register to get the service. There are no upfront costs and you only pay for the service you use.

Si queremos utilizar cargas de trabajo no pesadas, que consumen pocos ciclos de CPU, la opción de las VMs no serían las más adecuadas y nos saldría más caro, sería mejor por ejemplo contratar un PaaS que nos permita desplegar nuestra Web App (más económico).

Gracias a Azure Resource Manager, podemos administrar por grupos y por tanto ver nuestra facturación en función de esos grupos (VM, DB, VPNs,…)

 

Calculadora de gastos para VM:

https://azure.microsoft.com/es-es/pricing/calculator/?service=virtual-machines

 

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Social media & sharing icons powered by UltimatelySocial