Windows Azure

IT Pro experience

Support for key server applications

Easy storage manageability

High availability features

Advanced networking

Integration with compute PaaS

Cloud Service is a management, configuration, security, networking and service model boundary

INST

AN

CES

RO

LES

Virtual Machines are roles with exactly one instance

Multiple Virtual Machines can be hosted within the same cloud service

Bring your own DNS server Use your on-premise DNS servers Deploy a DNS server in Windows Azure Use public DNS services

Windows Azure provided DNS Resolves VMs by name within the same cloud service Machine names are modeled explicitly and registered in the DNS service

Full control over machine names

Port Forwarded Endpoints Direct communication to multiple VMs in the same cloud app

Support for All IP-Based Protocols (VM to VM) Instance-to-instance communication TCP, UDP and ICMP, dynamic ports

UDP Traffic Supported in WA Load-balanced incoming traffic and allows outbound traffic

Custom Load Balancer Health Probes Health check with probe timeouts HTTP based probing, allowing granular control of health checks

Endpoint Public Port Local Port Protocol (TCP/UDP) Name

Cloud App/Hosted Service

Port Forwarding and RDP

Endpoint Set Public Port Local Port Protocol (TCP/UDP) Name

Cloud App

Load Balancer Probe Set Name Protocol (TCP) Probe Port Probe Path (/healthcheck.aspx) Looks for HTTP 200

Cloud App

Load Balanced Sets

Cross-premise Connectivity ENTERPRISE

Data Synchronization SQL Azure Data Sync

Application-layer Connectivity & Messaging

Service Bus

Secure Machine-to-Machine Network Connectivity

Windows Azure Connect

Secure Site-to-Site Network Connectivity

Windows Azure Virtual Network

Your “virtual” branch office/ datacenter in the cloud Enables customers to extend their Enterprise Networks into Azure Networking on-ramp for migrating existing apps and services to Windows Azure Enables “hybrid” apps that span cloud and their premises

A protected private virtual network in the cloud Enables customers to setup secure private IPv4 networks fully contained within Windows Azure IP address persistence Inter-service DIP-to-DIP communication

VNET Provides Direct Network Access

FrontEndSubnet (10.3.1.0/24)

BackEndSubnet (10.3.3.0/24)

IIS Servers

Fabrikam-CloudSvc

Fabrikam-CloudApps SQL Mirror

DNSSubnet (10.3.2.0/24)

APPVNET – Virtual Network (10.3.0.0/16)

Corp-OnPrem (192.168.1.0/24)

192.168.1.6 (Local AD)

Fabrikam-CloudDC

AD Data Access

VNET Gateway

Mixed Mode: VM and PaaS Roles in the Same Cloud Service Simple, secure and highly efficient method of using IaaS and PaaS side-by-side

Direct Connectivity Using Virtual Networking For advanced connectivity scenarios such as Active Directory or DCOM

Connect Cloud Apps via VIPs Easily compose services by connecting public endpoints

Strengths Simplicity VIP Swap (stateless roles) Easy Local Dev/Test Persistent Service is Easily Accessible (even from other services!)

SQL Data Access Traffic

Through Public Endpoint

Weaknesses Higher Latency Less Secure Management/ Deployment Overhead

WA Web Role

Cloud Service 1

Cloud Service 2

SQL Server

Load Balancer

Secure Endpoints with Firewall

Load Balancer

Strengths More Secure Low Latency Cloud Service Autonomy VIP Swap (stateless roles) Advanced Connectivity Requirements

Weaknesses VNET Complexity No Windows Azure provided DNS

Direct Access via VNET

FrontEndSubnet (10.0.0.0/16)

SQLSubnet (10.1.0.0/16)

Load Balancer

WA Web Role

Cloud Service1

Cloud Service 2

AD

SQL Mirror

AD Subnet

(10.2.0.0/16)

ContosoVNet (10.0.0.0/8)

VNET Provides Direct Network Access

FrontEndSubnet (10.3.1.0/24)

BackEndSubnet (10.3.3.0/24)

Fabrikam-CloudSvc

Fabrikam-CloudApps SQL Mirror

DNSSubnet (10.3.2.0/24)

APPVNET – Virtual Network (10.3.0.0/16)

Corp-OnPrem (192.168.1.0/24)

192.168.1.6 (Local AD)

Fabrikam-CloudDC

AD

WA Web Roles

Data Access

VNET Provides Direct Network Access

FrontEndSubnet (10.3.1.0/24)

Fabrikam-CloudSvc

DNSSubnet (10.3.2.0/24)

APPVNET – Virtual Network (10.3.0.0/16) Corp-OnPrem

(192.168.1.0/24)

192.168.1.6 (Local AD)

Fabrikam-CloudDC

AD WA Web Roles

Windows Azure SQL Database

Data Access

IT Pro experience

Support for key server applications

Easy storage manageability

High availability features

Advanced networking

Integration with compute PaaS