The Microsoft Private Cloud

vanillaolive | Internet and Web Applications

Nov 3, 2013 (3 years and 9 months ago)




The Microsoft Private Cloud

Technical Overview

Why Offer a Microsoft Private Cloud?

Driven by pressure to do more with less, many of your customers turn increasingly to virtualization when they need to add capacity or deliver new or scaled-out services. And yet, simple consolidation of servers (what some have called virtualization 1.0) is no longer sufficient. Your customers want the efficiency, simplicity, and cost-effectiveness of a fully virtualized and highly automated infrastructure. Indeed, many organizations are on a declared trajectory toward a full infrastructure-as-a-service (IaaS) model enabled by their own on-premises or off-premises private cloud.

This document provides a technical overview of the Microsoft vision for private cloud so that you can begin to take advantage of this trend toward cloud computing and educate your customers about its possibilities.



Disclaimer

This document is provided "as-is." Information and views expressed in this document, including URL and other Internet website references, may change without notice. You bear the risk of using it.

Some examples are for illustration only and are fictitious. No real association is intended or inferred.

This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes.



Table of Contents

Why Offer a Microsoft Private Cloud?
Table of Contents
What Is the Microsoft Private Cloud?
Microsoft Private Cloud Core Architecture Principles
  Resource Pooling
  Elasticity and Perception of Infinite Capacity
  Perception of Continuous Availability
  Predictability
  Service Provider’s Approach to IT
  Multi-tenancy
  Security and Identity
Conceptual Architecture
A Closer Look at the Microsoft Private Cloud
  The Automation Layer
  The Management Layer
  The Orchestration Layer
  The Services Management Layer
  The Self-Service Layer
  Security
What It Means for Your Business
  VM Provisioning and Deprovisioning
  Infrastructure Monitoring
  Infrastructure Maintenance
  Resource Optimization
  Backup and Disaster Recovery
  Reporting
Explore the Microsoft Private Cloud for Your Customers



What Is the Microsoft Private Cloud?

The Microsoft private cloud is the implementation of cloud services on resources dedicated to your organization, whether they exist on your premises or your customers’ premises. This infrastructure-as-a-service (IaaS) approach is powered by a set of pooled resources and automation and management tools built on Windows Server 2008 R2, Hyper-V virtualization, Microsoft System Center, and other products. With a private cloud model, you can offer customers the self-service, scalability, and elasticity of a cloud infrastructure with the additional control and customization made possible through dedicated resources.

You can build a Microsoft private cloud using the following components:

Table 1. Elements of the Microsoft private cloud

Required

Optional

Windows Server 2008 R2 (Datacenter edition recommended due to unlimited virtualization use rights) with Hyper-V

Microsoft Hyper-V Server 2008 R2

Microsoft Forefront

Microsoft SQL Server 2008

Microsoft System Center Virtual Machine Manager

Self-Service Portal

Other Microsoft System Center family software:

  Operations Manager

  Configuration Manager

Windows PowerShell 2.0

Microsoft Deployment Toolkit (MDT) 2010

Windows Deployment Services (WDS)



The Microsoft private cloud, built on software your customers already know and trust, can help you expand your role as a trusted advisor because you will hold the keys to the sophisticated infrastructure your customers rely on. The IaaS model also helps you position yourself for broader engagements with such offerings as reporting and monitoring, usage metering, chargeback, and more: value-added services that can help you retain and grow your customer base in a highly competitive marketplace.

Microsoft Private Cloud Core Architecture Principles

Microsoft designed its approach to the private cloud on a set of core architecture principles that help ensure consistent, high-value delivery of IaaS now and as your customers grow. These principles, defined below, help power the cloud’s elasticity and also distinguish it from a traditional local area network (LAN) in which key pieces are virtualized. While that virtualized LAN delivers some of the benefits of virtualization, such as increased utilization, a Microsoft cloud includes automation and management capabilities that can mean revolutionary changes in how you deliver IT services and how your customers consume them.


Resource Pooling

The Microsoft private cloud depends on the flexible pooling of computing, storage, networking, and software resources. This pooling helps deliver greater utilization and efficiency and is powered by Hyper-V virtualization, which abstracts the platform from the physical infrastructure. Multiple consumers, such as multiple customers or multiple organizational units within a business, can share pooled resources, resulting in higher resource utilization and economies of scale for both service providers and consumers.

Elasticity and Perception of Infinite Capacity

From your customer’s perspective, cloud services should appear to have infinite capacity. End users can consume as much or as little of the service as needed, just as they consume electricity. This perception is possible because, in contrast to a reactive approach that leads to inefficient resource use, the Microsoft private cloud facilitates proactive capacity planning so that the infrastructure can satisfy peak requests on demand. This principle helps achieve greater balance between the cost of unused capacity and the desire for agility.

Perception of Continuous Availability

From your customer’s perspective, cloud services should always be available when needed. The consumer should never experience an interruption in IT services, even if failures occur within the cloud infrastructure. To achieve this continuous availability, the Microsoft private cloud architecture delivers a highly automated environment in which infrastructure redundancies, such as failover clustering, are complemented by intelligent automation and management capabilities.

Predictability

Both service providers and consumers require predictability from a private cloud infrastructure. For consumers, cloud services should be consistent: they should have the same quality and functionality each time they are used.

To achieve this predictability, the Microsoft private cloud standardizes functions across physical servers, network devices, and storage. This standardization helps to assure consistent treatment of hosted workloads, even during fluctuating demand.

With the Microsoft private cloud, you can also benefit from predictability on the service provider’s side of the console through its management and automation tools, which standardize service offerings and processes. This predictability is a fundamental requirement if service providers are to deliver on the promised potential of a private cloud infrastructure.


Service Provider’s Approach to IT

Historically, when businesses needed new or expanded IT services, they purchased the necessary components and then built an infrastructure specific to the service requirements. The result was often disappointing in terms of agility and also meant delays, duplicate infrastructure, increased costs, and poor utilization.

Businesses can transform this state of affairs when they look at IT as a set of services they consume rather than as a collection of hardware they deploy. The Microsoft private cloud helps partners to provide infrastructure as a service so that customers can consume what they need when they need it, avoiding the pitfalls of underutilized, duplicate infrastructure. In addition, the shared resource model means you can take advantage of economies of scale and greater agility in providing additional services or expanding existing ones.

Multi-tenancy

Partners can subdivide the Microsoft private cloud and provision logically isolated resources to different customers. Customers can also benefit from the multitenant capabilities of an on-premises private cloud infrastructure because resources can be provisioned for distinct organizational units within the business, which facilitates usage metering and chargeback.

Security and Identity

The Microsoft private cloud delivers strong security for cloud computing through three pillars:

• Protected infrastructure
• Application access
• Network access

The Microsoft private cloud uses security and identity technologies to protect both physical and virtual hosts, information, and applications in the data center. These technologies take advantage of the least-privileged user account access principle, an approach that ensures that users always log on with limited user accounts until they are granted additional privileges.

The Microsoft private cloud secures application access through integration of Active Directory, System Center, and the identities and relationships that are part of the cloud infrastructure. This identity foundation ensures that users have secure access to IT resources using numerous devices, which helps customers maintain productivity.

Network access in the Microsoft private cloud is secured at the perimeter through Windows Firewall with Advanced Security, which combines a firewall with IP Security (IPSec), and through endpoint protection software. The Microsoft private cloud also supports logical isolation of server and domain resources so that administrators can limit access to authenticated and authorized computers.

Conceptual Architecture

The Microsoft private cloud features a layered architecture in which Hyper-V virtualization decouples operating systems, data, applications, and user state from the underlying hardware (see figure 1). This virtualization layer enables the wide range of automation and management capabilities that differentiate a cloud infrastructure from a highly virtualized LAN. The layered architecture develops complex workflow and automation over time as various software pieces:

• Create a collection of simple automation tasks.
• Assemble those tasks into procedures that are managed by the management layer.
• Create workflows and process automation that are controlled by the orchestration layer.

Figure 1: Layered architecture of the Microsoft private cloud

A Closer Look at the Microsoft Private Cloud

The elasticity and other features of the Microsoft private cloud shown in figure 1 are made possible through Hyper-V virtualization, which decouples operating systems, data, and applications from the underlying hardware. This abstraction powers the following layers and elements that define an elastic cloud infrastructure:

• Automation
• Management
• Orchestration
• Services Management
• Self Service

The Automation Layer

The ability to automate all expected operations over the lifetime of a hardware or software component is critical. Without this capability being threaded throughout all layers of the infrastructure, dynamic processes stop as soon as user intervention or other manual processing is required.

Windows PowerShell and several other foundational technologies, including Windows Management Instrumentation (WMI) and WS-Management, provide a robust automation layer across the Microsoft private cloud. The integrated solution is a single automation framework and scripting language that can be used across the entire infrastructure.

The automation layer is made up of the foundational automation technology plus a series of single-purpose commands and scripts that perform operations such as starting or stopping a virtual machine (VM), rebooting a server, or applying a software update. These atomic units of automation are combined and executed by higher-level management systems. The modularity of this layered approach dramatically simplifies development, debugging, and maintenance.

The Management Layer

The management layer consists of the tools and systems used to deploy and operate the infrastructure. In most cases, this consists of a variety of different toolsets for managing hardware, software, and applications. Ideally, all components of the management system would take advantage of the automation layer and not introduce their own protocols, scripting languages, or other technologies (doing so increases complexity and may require additional staff expertise).

The management layer is used to perform activities such as provisioning the storage area network (SAN), deploying an operating system, or monitoring an application. A key attribute is its ability to manage and monitor every single component of the infrastructure remotely and to capture the dependencies among all of the infrastructure components.

The Orchestration Layer

The orchestration layer takes advantage of the management and automation layers. In much the same way that an enterprise resource planning (ERP) system manages a business process such as order fulfillment and handles exceptions such as inventory shortages, the orchestration layer provides an engine for IT-process automation and workflow. The orchestration layer is the critical interface between the IT organization and its infrastructure. It is the layer at which intent is transformed into workflow and automation.

Ideally, the orchestration layer provides a graphical interface in which complex workflows that consist of events and activities across multiple management-system components can be combined, so as to form an end-to-end IT business process such as automated patch management or automatic power management. The orchestration layer must provide the ability to design, test, implement, and monitor these IT workflows, such as with Microsoft Opalis.

The Services Management Layer

The Service Management layer provides the means for automating and adapting IT service management best practices, such as those found in Microsoft Operations Framework (MOF) and the IT Infrastructure Library (ITIL), to provide built-in processes for incident resolution, problem resolution, and change control. By providing an integrated service management platform, Service Manager can reduce costly downtime and improve the quality of the services in the data center.

The Self-Service Layer

The Self-Service layer provides an interface for Microsoft private cloud tenants or authorized users to request, manage, and access the services, such as virtual machines, provided by the cloud architecture. Using role-based access control and authorization, the Self-Service layer provides the ability to delegate certain aspects of administration (such as starting/stopping VMs) to designated “tenant administrators.”


Security

Security for the Microsoft private cloud is founded on the following three pillars:

• Protect the infrastructure with coordinated security technologies and controls at each layer of the architecture. These controls follow a defense-in-depth strategy, which assigns users, processes, and IT components a level of trust that governs review priority. The controls also follow the principles of least privileged user account access. With this strategy, users always log on with the minimum privileges required to function, and administrator credentials are used only by authorized users for administrative functions. When additional privileges become necessary, automated workflows make change control simple and secure.

• Protect application access using Active Directory. Integrated with Windows Server 2008 R2, Active Directory provides out-of-the-box functionality needed to centrally configure and administer system, user, and application settings.

• Protect network access. The Microsoft private cloud supports tools such as Windows Firewall with Advanced Security, Network Access Protection, and logical isolation of server and domain resources.

These server-side technologies are complemented by client security technologies such as antimalware applications and other endpoint protections.

What It Means for Your Business

Working together, these layers combine to form a private cloud solution that drives agility and flexibility deep into the infrastructure. This approach has real impact on specific business scenarios that you and your customers face every day.

VM Provisioning and Deprovisioning

One of the primary attributes of a cloud infrastructure (indeed, one thing that makes it a cloud infrastructure) is user self-service. When an infrastructure has this capability, the consumer of a service can request that service and the cloud infrastructure follows automated processes to rapidly provision the needed service and make it available to the requestor. This approach is in stark contrast to a hands-on, labor-intensive method that relies on manual workflows and error-prone processes that introduce delay and risk.

In the Microsoft private cloud solution, user self-service also takes the form of automated VM provisioning and deprovisioning. Users can request one or more VMs, or ask to delete their existing VMs, from the Self-Service Portal or tenant user interface. The request triggers an automated workflow in System Center Virtual Machine Manager to either create or delete a VM based on the authorized settings input by the user or tenant.

The provisioning could be based on templates, such as when a user requests a standard VM configuration, or the user could make a series of selections (such as vCPUs and RAM) to cause a custom VM to be provisioned. System Center Virtual Machine Manager follows established and automated procedures to gain any necessary authorization. If the request is authorized, the provisioning process should create a new VM per the user’s request, add the VM to any relevant management products in the Hyper-V cloud (such as System Center), and enable access to the VM by the requestor.

Infrastructure Monitoring

The Microsoft private cloud helps IT administrators to monitor every major component of the solution and to generate alerts based on performance, capacity, and availability metrics. Effectively monitoring cloud components requires checking for problems with hosts, host groups, guests, services, server resources, and system resources. Automated monitoring:

• Helps to ensure that the performance requirements of service level agreements (SLAs) are being met.
• Helps to ensure that specific administrative tasks, such as performing daily backup operations and checking server health, are being successfully completed.
• Helps to detect and address issues, such as a bottleneck in server performance or a need to add resources, before productivity is affected.

For example, administrators can use Service Center Operations Manager to define metrics for server availability, or CPU and storage utilization, and to send an alert when one of the metrics is outside of an acceptable range. Operations Manager can also use agents to report performance and health data about guest and host operating systems.

In addition, the Dashboard supplements the Virtual Machine Manager 2008 R2 Self-Service Portal 2.0 by providing a centralized view of infrastructures, resources, virtual machines, and charge-back data. The Dashboard also provides detailed status information for each of these areas. This information helps IT managers make informed decisions, reduce the costs of services, and improve the overall productivity of the infrastructure.

Infrastructure Maintenance

With the Microsoft private cloud, administrators can perform maintenance on any component of the infrastructure without negatively affecting its availability. This “hot maintenance” capability allows a preventive approach that helps identify potential errors before they disrupt performance.

For example, patch management is a critical maintenance operation in a cloud infrastructure just as in a physical infrastructure. The Microsoft private cloud supports a number of patch management tools and approaches, such as Windows Server Update Services, System Center Configuration Manager, the Virtual Machine Servicing tool, and third-party applications. Because of products such as System Center Virtual Machine Manager, patch management in the Microsoft private cloud can proceed with full visibility into infrastructure components and dependencies. This visibility also gives administrators greater control over patching in a virtual environment, which entails some special considerations such as the following:

• Host updates. A Hyper-V host that requires a restart after update installation affects the availability of all of its guests.
• Isolated guests. VMs might be connected to an internal network and inaccessible to the patch management solution.
• Powered-off guests. A VM that is either used for testing or stored in the Virtual Machine Manager library might be powered off for extended periods of time.
• Performance. Updating all the guests on a particular host can have a significant performance impact on all the machines.
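
The four considerations above can be applied as a pre-patch triage pass over a VM inventory. The following is an added example, not code from the original document or from Microsoft; the inventory fields, host and guest names, and thresholds are constructed assumptions, and it calls no Virtual Machine Manager API.

```python
"""Triage a VM inventory against the four virtual-environment patching
considerations: host restarts, isolated guests, powered-off guests,
and per-host performance impact. All names and values are hypothetical."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Guest:
    name: str
    host: str
    powered_on: bool
    network: str           # "external" = reachable by the patch server, "internal" = isolated
    days_since_patch: int


# Constructed sample inventory (not real systems).
HOSTS_PENDING_RESTART = {"hv-01"}
GUESTS = [
    Guest("web-01", "hv-01", True, "external", 12),
    Guest("web-02", "hv-01", True, "external", 12),
    Guest("db-01", "hv-01", True, "external", 40),
    Guest("lab-01", "hv-01", True, "internal", 75),
    Guest("tmpl-2008r2", "hv-02", False, "external", 210),
    Guest("app-01", "hv-02", True, "external", 5),
]


def plan_patching(guests, hosts_pending_restart, max_parallel=2, stale_days=30):
    """Return a plan dict with one entry per consideration.

    restart_impact: running guests that lose availability when their host restarts
    isolated:       running guests the patch server cannot reach over the network
    offline_stale:  powered-off guests whose patch level is older than stale_days
    waves:          per-host batches of at most max_parallel guests, most
                    out-of-date first, so one host is never updating every guest at once
    """
    restart_impact = defaultdict(list)
    isolated, offline_stale = [], []
    reachable = defaultdict(list)

    for g in guests:
        # Host updates: a host restart takes every running guest down with it.
        if g.powered_on and g.host in hosts_pending_restart:
            restart_impact[g.host].append(g.name)
        # Powered-off guests: they miss every patch cycle while offline.
        if not g.powered_on:
            if g.days_since_patch > stale_days:
                offline_stale.append(g.name)
            continue
        # Isolated guests: need an alternate servicing path, not a normal wave.
        if g.network == "internal":
            isolated.append(g.name)
            continue
        reachable[g.host].append(g)

    # Performance: cap concurrent guest updates per host.
    waves = {}
    for host, members in reachable.items():
        ordered = sorted(members, key=lambda g: g.days_since_patch, reverse=True)
        waves[host] = [
            [g.name for g in ordered[i:i + max_parallel]]
            for i in range(0, len(ordered), max_parallel)
        ]

    return {
        "restart_impact": dict(restart_impact),
        "isolated": isolated,
        "offline_stale": offline_stale,
        "waves": waves,
    }


if __name__ == "__main__":
    for key, value in plan_patching(GUESTS, HOSTS_PENDING_RESTART).items():
        print(f"{key}: {value}")
```
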

Resource Optimization

Several of the Microsoft private cloud core architecture principles (elasticity, perception of infinite capacity, and perception of continuous availability) depend directly on resource optimization. When it effectively optimizes pooled IT resources, the Microsoft private cloud can move workloads around the infrastructure based on need and performance, capacity, and availability metrics.

One key to this optimization of resources is Performance and Resource Optimization (PRO), a feature of System Center Virtual Machine Manager 2008. VMM PRO helps optimize resources, in part, through intelligent placement. During intelligent placement, Virtual Machine Manager chooses the most suitable host for each VM based on the VM’s configuration and the placement preference (load balancing or resource maximization) that is in effect. Virtual Machine Manager then migrates the VM.

This and other optimization capabilities can have remarkable impact. For example, workloads can be distributed across the infrastructure for maximum performance. Or, if needs or priorities change, the infrastructure can consolidate as many workloads as possible to the smallest number of hosts for dramatic reductions in power consumption.


Backup and Disaster Recovery

The Microsoft private cloud provides a variety of backup and data recovery options, including host-based, guest-based, and SAN snapshots (depending upon the storage vendor’s level of Hyper-V integration). Any backup plan should protect not only VM files, but also SQL Server files and Virtual Machine Manager and the Self-Service Portal data, including the Virtual Machine Manager server, hosts, library servers, the Self-Service Portal database, and ActionXML segments. The backup plan should also include a disaster recovery plan.

Microsoft System Center Data Protection Manager (DPM) 2010 can provide continuous data protection for VMs in the Microsoft private cloud. This protection includes:

• Online backup of supported guest VMs hosted on clustered or standalone systems
• Protection of VMs during the live migration process
• Item-level recovery from host-level backup

DPM 2010 offers disk-to-disk, disk-to-tape, and disk-to-disk-to-tape technologies, all of which maintain the business value of a virtualized infrastructure by ensuring that it is better protected and always available.

Other backup solutions are also permitted as long as they support proper online backup of Hyper-V VMs in the designed solution.

Reporting

The Microsoft private cloud provides a centralized reporting capability that serves as the foundation for capacity-based or utilization-based billing and chargeback to tenants. Comprehensive reports can also help reduce the amount of time required to manage data center resources. Reporting capability in the Microsoft private cloud is provided through integration of several software pieces such as System Center Virtual Machine Manager and Operations Manager. The solution provides standard reports that detail capacity, utilization, and other system metrics.

For example, one report that is helpful in optimizing the virtual environment is the Virtualization Candidates report. This report helps to identify the physical computers that are good candidates for conversion to VMs. Administrators can also use the report to identify little-used servers and to display the average values for a common set of performance counters for CPU, memory, and disk usage along with hardware configuration information, including processor speed, number of processors, and RAM. The report can be limited to computers that meet the specified CPU and RAM requirements, and it can sort the results.

Explore the Microsoft Private Cloud for Your Customers

Many of your customers are ready for private cloud solutions, and Microsoft partners are well positioned to meet their needs. With trusted Microsoft products your customers already know, such as Windows Server 2008 R2 and System Center, you can:

• Build or host a Hyper-V private cloud to more quickly deliver cloud benefits to customers.
• Offer indispensable services at exceptional value due to economies of scale.
• Remain competitive as the industry shifts toward a cloud model.

Learn more about the Microsoft private cloud today by visiting www.microsoft.com/privatecloud.