No. | FILE NAME | Format | Link |
---|---|---|---|
01. | Controller Networking Events Students | pptx | Download presentation |
Transcript
What’s new in Hybrid IT Infrastructure
Increasing efficiency and scalability with Windows Server 2016 and Microsoft Azure
Hybrid IT Innovation Series #InnovateIT
Dan Stolts, Chief Technology Strategist
@ITProGuru http://ITProGuru.com itproguru@Microsoft.com
Module 1: Datacenter Infrastructure
IT Innovation Series #InnovateIT
System Requirements
Navigate to: http://aka.ms/lodtest
All requirements and connectivity details are viewable at the link above. The requirements you will find on that page apply specifically to the computers students will run the labs on. The requirements specified are also applicable to students who bring their own device. Please send the link above to students prior to the class start day, so they can verify their ability to successfully launch labs from their own device and view system requirements. If students have any issues launching the test lab, please have them email support@learnondemandsystems.com for assistance. To expedite assistance, ask students to reference Test Lab Launch in their support inquiry.
From the LODS Test page, students can:
• Click Launch Lab (to test lab launch)
• Click View System Requirements (to view in-depth requirement details)
Students can also test their device on the day of the class. There is a launch link for a test lab that will appear on the class page (in the student portal). However, we highly recommend that they launch the test lab before coming to class.
Class name: ITI - What’s new in Hybrid IT Infrastructure
• Navigate to: https://aka.ms/iti
• The student Training Key for this class is: ITI1591
• Lightning Bolt for Execute/Paste
Story…
A Cab/Taxi Company
• Founded 2009
• Launch 2010
How was this company’s success possible?
Another SHORT Story…
A Software Company
Everything can change in a very short period of time and we in the IT business need to be able to change to keep up with it. Everything.
CEO Satya Nadella: “Microsoft Loves Linux”
Module agenda
• Shielded Virtual Machine
• Introducing Containers
• Introducing Nano Server
• Software-defined Storage
• Software-defined Networking
• Resources
Shielded Virtual Machine
A leader in Gartner magic quadrants
Microsoft only leader in all four magic quadrants:
• x86 server virtualization [1]
• Public cloud storage services [2]
• Cloud infrastructure as a service [3]
• Enterprise application platform as a service [4]
[1] Gartner “x86 Server Virtualization Infrastructure,” by Thomas J. Bittman, Michael Warrilow, July 14, 2015; [2] Gartner “Public Cloud Storage Services,” by Arun Chandrasekaran, Raj Bala, June 25, 2015; [3] Gartner “Magic Quadrant for Cloud Infrastructure as a Service,” by Lydia Leong, Douglas Toombs, Bob Gill, May 18, 2015; [4] Gartner “Enterprise Application Platform as a Service,” by Yefim V. Natis, Massimo Pezzini, Kimihiko Iijima, Anne Thomas, Rob Dunie, March 24, 2015.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Emerging security threats
Rising number of organizations suffering from breaches
• Cybercrime costs US economy up to $140 billion annually, report says (Los Angeles Times [2014])
• How hackers allegedly stole “unlimited” amounts of cash from banks in just a few hours (Ars Technica [2014])
• The biggest cyberthreat to companies could come from the inside (Cnet [2015])
• Cyberattacks on the rise against US corporations (New York Times [2014])
• Espionage malware infects rafts of governments, industries around the world (Ars Technica [2014])
• Forget carjacking, soon it will be carhacking (The Sydney Morning Herald [2014])
• Malware burrows deep into computer BIOS to escape AV (The Register [September 2014])
Categories: 1 Increasing incidents, 2 Bigger motivations, 3 Bigger risk
A privileged fabric
Spread of virtualization has led to unexpected security implications
1 Fabric/virtualization administrators: Have the highest privileges, instead of the traditional model where domain administrators are the most trusted IT staff
2 Virtualized domain controllers: If DCs are virtualized and I’m a Hyper-V administrator, I can shut down the VM, copy the virtual disks for offline attacks, or install malware
3 Public cloud: Fabric administrators could potentially have full access to tenant VMs
4 Shielded Virtual Machines: Strong separation between the fabric administrators and the workload administrators, implemented through encryption and protected secrets
(Diagram: Tenant, Virtual machines, Hyper-V hosts, Fabric/virtualization administrator)
So what is a “Shielded Virtual Machine”?
The data and state of a Shielded VM are protected against inspection, theft, and tampering from both malware and datacenter administrators [1]
[1] Fabric admins, storage admins, server admins, network admins
Shielded VM
When you turn on a shielded VM…
• Virtual TPM enables the use of disk encryption within a VM (e.g., BitLocker)
• VM configuration files and VM state are encrypted
• All live migration traffic is also encrypted without having to implement IPsec
• The host crash dumps are encrypted
• VM crash dumps are turned off by default, and they’ll also be encrypted if you enable them
Fabric administrators have no access to VMs
• Can’t attach debuggers while they’re running (the hardened VM worker processes that run each VM don’t allow it)
• Can’t access the content of BitLocker-protected VHDX files
• Can’t console connect to a VM
• VMs can only run on known and “healthy” (safe) hosts via the Host Guardian Service
(Diagram: Hyper-V host, Shielded VMs)
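
An added example (not part of the original deck): a PowerShell audit, run on a Hyper-V host, that reports which VMs actually have the protections listed on the Shielded VM slide and whether the host itself is guarded. It uses Get-VM and Get-VMSecurity from the Hyper-V module and Get-HgsClientConfiguration from the HgsClient module; the function names and the -CriticalNamePattern parameter are hypothetical names chosen for this example.

```powershell
#Requires -Modules Hyper-V
# Added example: report shielding-related settings for every VM on a Hyper-V host.
# Get-VMShieldingReport, Test-HostIsGuarded and -CriticalNamePattern are
# hypothetical names chosen for this example.

function Get-VMShieldingReport {
    [CmdletBinding()]
    param(
        [string]$ComputerName = $env:COMPUTERNAME,
        # Regex for VMs that must be shielded.
        # Assumption: virtualized domain controllers are named like "DC01".
        [string]$CriticalNamePattern = '^DC\d+'
    )

    foreach ($vm in Get-VM -ComputerName $ComputerName) {
        # Get-VMSecurity exposes the vTPM, shielding and traffic-encryption flags.
        $sec = Get-VMSecurity -VM $vm -ErrorAction SilentlyContinue

        $shielded = [bool]$sec.Shielded
        [pscustomobject]@{
            VMName                     = $vm.Name
            Generation                 = $vm.Generation
            Shielded                   = $shielded
            VirtualTpm                 = [bool]$sec.TpmEnabled
            EncryptedStateAndMigration = [bool]$sec.EncryptStateAndVmMigrationTraffic
            # Flag critical workloads (e.g. virtualized DCs) that are not shielded.
            NeedsAttention             = ($vm.Name -match $CriticalNamePattern) -and -not $shielded
        }
    }
}

function Test-HostIsGuarded {
    # The HgsClient cmdlets are only present when Host Guardian Hyper-V Support is installed.
    if (-not (Get-Command Get-HgsClientConfiguration -ErrorAction SilentlyContinue)) {
        Write-Warning 'HgsClient module not found: Host Guardian Hyper-V Support is not installed.'
        return $false
    }
    $hgs = Get-HgsClientConfiguration
    if (-not $hgs.IsHostGuarded) {
        Write-Warning "Host is not guarded (attestation status: $($hgs.AttestationStatus))."
    }
    return [bool]$hgs.IsHostGuarded
}

Test-HostIsGuarded | Out-Null
Get-VMShieldingReport | Sort-Object NeedsAttention -Descending | Format-Table -AutoSize
```
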
OPERATIONAL EFFICIENCIES
• Production Checkpoints
• PowerShell Direct
• Hyper-V Manager Improvements
• ReFS Accelerated VHDX Operations
AVAILABILITY
• VM Compute Resiliency
• VM Storage Resiliency
• Node Quarantine
• Shared VHDX – Resize, Backup, Replica Support
• Memory – Runtime Resize for Static/Dynamic
• vNIC – Hot-Add and vNIC Naming
ROLLING UPGRADES
• Upgrade WS2012R2 -> WS2016 with no downtime for workloads (VMs / SOFS) or additional H/W
• VM Integration Services from Windows Update
… much more…
Lab: Exploring Hyper-V in Windows Server 2016
Introducing Containers
Containers
A new approach to build, ship, deploy, and instantiate applications
Physical
• Applications traditionally built and deployed onto physical systems with 1:1 relationship
• New applications often required new physical systems for isolation of resources
Virtual
• Higher consolidation ratios and better utilization
• Faster app deployment than in a traditional, physical environment
• Apps deployed into VMs with high compatibility success
• Apps benefited from key VM features i.e., live migration, HA
Physical/virtual
• Package and run apps within containers
Key benefits
• Further acceleration of app deployment
• Reduce effort to deploy apps
• Streamline development and testing
• Lower costs associated with app deployment
• Increase server consolidation
Containers
Isolated runtime environment for hosted applications
• Dependencies: Every application has its own dependencies which includes both software (services, libraries) and hardware (CPU, memory, storage)
• Virtualization: Container engine is a lightweight virtualization mechanism which isolates these dependencies per each application by packaging them into virtual containers
• Shared host OS: Container runs as an isolated process in user space on the host OS, sharing the kernel with other containers
• Flexible: Differences in underlying OS and infrastructure are abstracted away, streamlining “deploy anywhere” approach
• Fast: Containers can be created almost instantly, enabling rapid scale-up and scale-down in response to changes in demand
(Diagram: Containers with App A and App B, each with its Bins/libraries, on a Container management stack, on a Host OS with container support, on a Server)
Containers
How do they differ from virtual machines?
• Dependencies: Each virtualized app includes the app itself, required binaries and libraries and a guest OS, which may consist of multiple GB of data
• Independent OS: Each VM can have a different OS from other VMs, along with a different OS to the host itself
• Flexible: VMs can be migrated to other hosts to balance resource usage and for host maintenance, without downtime
• Secure: High levels of resource and security isolation for key virtualized workloads
(Diagram: Virtual machines with App A and App B, each with its Bins/Libraries and Guest OS, on a Hypervisor, on a Server)
Container use cases
Workload characteristics
• Scale out
• Distributed
• State separated
• Rapid (re)start
Deployment characteristics
• Efficient hosting
• Multitenancy
• Rapid deployment
• Highly automatable
• Rapid scaling
Workloads: Databases, Web, Tasks, Scale out, Distributed compute
Container ecosystem
• Container runtime
• Linux
• Container images
• Image repository
• Application framework
• Application
Microsoft’s Container runtimes
Windows Server container
• Hosting
• Highly automated
• Secure
• Scalable and elastic
• Efficient
• Trusted multi-tenancy
Hyper-V container
• Shared hosting
• Regulated workloads
• Highly automated
• Secure
• Scalable and elastic
• Efficient
• Public multi-tenancy
Container Runtimes
• Windows Server container and Hyper-V container: Modern app dev, flexible isolation
• Windows Container Images
• Application Framework: Write once, deploy anywhere
• Container Management: Docker, PowerShell, Others
Introducing Nano Server
Customer voice
Reboots impact my business
• Why do I have to reboot because of a patch to a component I never use?
• When a reboot is required, the systems need to be back in service A.S.A.P.
Server images are too big
• Large images take a long time to install and configure
• Transferring images consumes too much network bandwidth
• Storing images requires too much disk space
Infrastructure requires too many resources
• If the OS consumes fewer resources, I can increase my VM density
• Higher VM density lowers my costs and increases my efficiency and margins
“I want just the components I need, and nothing more.”
“We need server configuration optimized for the cloud.”
The next step in the journey… Nano Server
Nano Server: A new headless, 64-bit only, deployment option for Windows Server
Installation options shown: Server with a desktop experience, Server Core, Nano Server
Deep refactoring with cloud emphasis
• Cloud fabric & infrastructure (clustering, storage, networking)
• Born-in-the-cloud applications (PaaS v2, ASP.NET v5)
• VMs & Containers (Hyper-V & Docker)
Extend the Server Core pattern
• Roles & features live outside of Nano Server
• No binaries or metadata in OS image
• Standalone packages install like apps
• Full driver support
• Antimalware
Nano Server
Zero-footprint model
• Server roles and optional features live outside of Nano Server
• Standalone packages that install like applications, from local/cloud repositories
Key roles and features
• Hyper-V, Storage (SoFS), Networking (DNS), Clustering
• Core CLR, ASP.NET 5 and PaaS
Full Windows Server driver support
Antimalware available as optional feature
Nano Server is an Installation Option
• Located on the Windows Server media
• Must be customized to determine its functionality
Nano Server Quick Start
Scripts included in Nano Server folder to make it easy to build a customized Nano Server image
• NanoServerImageGenerator.psm1
• Convert-WindowsImage.ps1
Use scripts to generate a Nano Server image for a PHYSICAL MACHINE or a VIRTUAL MACHINE:
New-NanoServerImage -MediaPath F:\ -BasePath .\Base -TargetPath .\NanoVM\SRV-Nano.vhd -ComputerName SRV-Nano -GuestDrivers -Storage -Clustering
The end result…
How do I manage Nano Server?
Nano Server Recovery Console
Provides local access to basic configuration and network settings:
• Computer name
• Domain or workgroup name
• Ipconfig /all information for each network adapter
Provides ability to configure local NICs and Firewall settings
Nano Server roles and features
Table shows roles and features that are available in this release of Nano Server, along with the Windows PowerShell options that will install the packages for them

Role or feature | Option |
---|---|
Hyper-V role | -Compute |
Failover clustering | -Clustering |
File server role and other storage components | -Storage |
Windows Defender antimalware, including a default signature file | -Defender |
OEM drivers (select drivers that ship in-box with Server Core) | -OEMDrivers |
Reverse forwarders for application compatibility, for example common application frameworks such as Ruby, Node.js, etc. | -ReverseForwarders |
Hyper-V guest drivers for hosting Nano Server as a VM | -GuestDrivers |
Host Support for Windows Containers | -Containers |

Nano Server roles and features (continued)

Role or feature | Option |
---|---|
DNS Server Role | -Packages Microsoft-NanoServer-DNS-Package |
Desired State Configuration (DSC) | -Packages Microsoft-NanoServer-DSC-Package |
IIS Web Server | -Packages Microsoft-NanoServer-IIS-Package |
System Center VMM Agent | -Packages Microsoft-Windows-Server-SCVMM-Package and -Packages Microsoft-Windows-Server-SCVMM-Compute-Package |
Network Perf Diagnostics Service (NPDS) | -Packages Microsoft-NanoServer-NPDS-Package |
Data Center Bridging | -Packages Microsoft-NanoServer-DCB-Package |

Remotely managing Nano Server
Remote graphical & Web tools
• Server manager
• Azure Portal tools
• Task manager
• Registry editor
• File explorer
• Server configuration
• Event viewer
• Disk manager
• Device & driver management
• Performance
• Users & groups
PowerShell remoting
• Core PowerShell engine, language, and cmdlets
• Windows Server cmdlets (network, storage, etc.)
• PowerShell DSC
• Remote file transfer
• Remote script authoring & debugging
• PowerShell Web access
VM & container management
• Hyper-V manager
• Hyper-V cmdlets
• PowerShell Direct over PSRP
• CimSession support
• Docker
• SCVMM agent & console
• 3rd-party agents & consoles
Deployment & monitoring
• DISM online & VHD support
• Unattended setup
• Visual Studio integration
• DSC Local Config Manager
• Setup & boot eventing
• SCOM agent
• VSO App Insights
• Azure Op Insights
Partners & frameworks
• Chef integration
• .NET Core and CoreCLR
• ASP.NET 5
• Python, PHP, Ruby, Node.js
• PowerShell Classes
• PS Script Analyzer
• PowerShell Gallery
• PowerShellGet
Remote Server Management Tool
Includes replacements for local-only tools
• Task manager, registry editor
• Event viewer, device manager
• Sconfig
• Control panel, file explorer
• Performance monitor, disk management
• Users/Groups manager
Supports Server Core and server with desktop experience
Azure-based
Eliminating the need to ever sit in front of a server
https://channel9.msdn.com/Series/Nano-Server-Team/Remote-Server-Management-Tools-on-Nano-Server
Marketplace -> Management -> More -> Server management tools
http://blogs.technet.com/b/nanoserver/archive/2016/02/09/server-management-tools-is-now-live.aspx
You Asked for it…. Now you have it!
Over 100,000 subscribers in first month!
http://aka.ms/addme
• Learn About Events + Thought Leadership
• Thought Leadership / Industry Trends
• Local and National ITPro 1st Party Events
• Local ITPro 3rd Party (Partner) Events
• Local ITPro Community
• Online events; MVA content
• Channel 9 content; Interesting Blog Content
• Occasional Easter Egg; sometimes learning, sometimes tangible value
• More Features coming
Never Again Miss…
• Launch Events
• IT-Camps
• Online Events
• New MVA Class
• Top Industry Thought Leadership / Industry Trends
• Certification Jump Start (Architecting Azure Solutions coming soon)
Recent Articles:
• Talent Gap
• Translating Business Problems to Technology Solutions
• Cloud System Architecture & Security
Example: Azure Certification Jump Start
70-534 Architecting Microsoft Azure Solutions
• 8:00 Registration, Breakfast and Networking
• 8:30 Sharp: 70-534 Introduction
• Exam Tips and Tricks
• Design Microsoft Azure infrastructure and networking (15–20%)
• Secure resources (15–20%)
• Design an advanced application (15–20%)
• Lunch & Labs
• Design websites (15–20%)
• Design an application storage and data access strategy (15–20%)
• Design a management, monitoring, and business continuity strategy (15–20%)
• Field Experiences
• 5:00pm Book Signing – Authors Dan Stolts (some locations)
• 5:00pm Social Hour w/ Speakers and Friends
• Registration Required
Coming Soon… Join EVENTS Mailing List NOW! http://aka.ms/AddMe
Brought to you By: @ITProGuru, Microsoft
Text Book for Attendees: http://www.amazon.com/dp/0735697442/ref=rdr_ext_tmb
Lab: Getting started with Nano Server
Software-Defined Storage (SDS)
What is Software-defined Storage (SDS)?
Software intelligence delivering feature-rich cloud scale storage and economics built on industry standard hardware
Industry trends
Data explosion
• Device proliferation
• Modern apps
• Unstructured data analytics
Evolving technologies
• Flash is transforming storage
• Network delivering extreme performance
• Maturity in software-based solutions
• Virtual machines and containers
Cloud-inspired infrastructure and design
• Using industry-standard hardware
• Integrating cloud design points in software
• Driving cloud cost efficiencies
Scale out with simplicity
• Integrated solutions
• Rapid time to solution
• Policy-based management
What is a SAN, really?
• Physical disks: Flash-based (SSD) or spinning media (HDD) to provide the raw storage capacity for your data. Pooled by the controllers, and sliced into LUNs (simple, mirrored, parity, etc.).
• Controllers: The brains of the SAN, typically now with x86 CPU and memory, providing enterprise features like thin provisioning, deduplication, storage tiering, etc. Multiple controllers provide resiliency.
• Connectivity adaptors: Resilient connectivity to external sources via iSCSI, FC, FCoE, NFS, SMB.
What about Microsoft and storage?
• Physical disks: Multiple options for low cost and low complexity. HDD/SSD mix can exist in external JBOD shelf connected via SAS, or within the file server (controller) chassis itself.
• Windows Server is now the controller: Clustered Windows Server File Servers (SOFS) create disk pools, then slice them into storage spaces. Spaces can be thin provisioned, tiered, and support deduplication. Spaces can be simple, mirrored, or parity.
• Connectivity adaptors: Windows Server File Servers have resilient connectivity to external sources using regular 1GBE, 10GBE network adaptors. Support for up to 56GB, 100GB RDMA adaptors. Support via iSCSI, SMB 3.0, and NFS connectivity.
Windows Server 2012 R2 architecture
1 Industry-standard JBOD, filled with SSD and HDD on a 1:4 ratio. Additional JBODs added for capacity.
2 Up to 8 industry-standard x86 servers, running Windows Server 2012 R2, connected to JBOD via 6 GB/12 GB SAS.
3 Deployment steps:
• Build Windows Server cluster
• Create Storage pool
• Create Storage Spaces from pool
• Create Scale-Out File Server
• Create continuously available file shares on the spaces
4 File shares provide storage for Hyper-V hosts, accessed over SMB 3.0. Highest performance delivered via SMB Direct (RDMA) and SMB Multichannel. Supports 56 GB+ speeds.
(Diagram: Scale-Out File Server, SSDs and HDDs)
Windows Server 2016—new architecture
Converged (disaggregated) architecture with Storage Spaces Direct
Architecture allows for scaling Hyper-V clusters (compute) and Scale-Out File Server cluster (storage) independently
1 Industry standard x86 servers, with local SSD and HDD. Servers are connected together with 10GBE. SATA and NVMe drives supported.
• Build Windows Server cluster
• Enable Storage Spaces Direct
• Create Storage pool
• Create Storage Spaces from pool
• Create Scale-Out File Server
• Create Continuously Available file shares on the Spaces
• Optimize for Storage Spaces Direct
2 File shares provide storage for Hyper-V hosts, accessed over SMB 3.0. Highest performance delivered via SMB Direct (RDMA) and SMB Multichannel. Supports 56 GB+ speeds.
(Diagram: Hyper-V cluster, SMB storage fabric, Storage Spaces Direct with Scale-Out File Server)
http://itproguru.com/expert/2016/03/everything-you-need-to-know-about-state-of-the-art-ssd-drives-nvme-pcie-m2-with-paul-braren-and-itproguru/
Storage Spaces Direct
Software-defined storage using industry standard servers with local storage
Reliability, scalability, flexibility
• Fault tolerance to disk, enclosure, node failures
• Scale pools to large number of drives
• Simple and fine-grained expansion
• Fast VM creation and efficient VM snapshots
Use cases
• Hyper-V IaaS storage
• Storage for backup and replication targets
• Hyper-converged (compute and storage together)
• Converged (compute and storage separate)
Cloud design points and management
• Standard servers with local storage
• New device types such as SATA and NVMe SSD
• Prescriptive hardware configurations
• Deploy, manage, and monitor with SCVMM, SCOM, and PS
(Diagram: Hyper-V cluster, SMB storage fabric, Storage Spaces Direct with Scale-Out File Server)
http://itproguru.com/expert/2016/01/windows-server-2016-preview-storage-spaces-direct-overview/
Windows Server 2016—new architecture
Hyper-converged storage and compute with Storage Spaces Direct
Hyper-converged stack
• Hyper-V virtual machines
• Cluster shared volumes, ReFS file system (C:\Cluster storage)
• Storage spaces
• Storage pools
• Software storage bus
• SMB network
1 Industry standard x86 servers, with local SSD and HDD. Servers are connected together with 10GBE. SATA and NVMe drives supported.
• Build Hyper-V cluster
• Enable Storage Spaces Direct
• Create Storage pool
• Create Storage Spaces from pool
• Create Cluster Shared Volumes
• Optimize for Storage Spaces Direct
2 Compute and storage resources scale and are managed together. Typically small to medium sized scale-out deployments.
Lab: Deploying Storage Spaces Direct
Software-Defined Networking
The story so far…
1 Hyper-V hosts
• Hyper-V Extensible Switch
• Inbox NIC teaming
• SMB 3.0 protocol
• Hardware offloads
• Converged networking
2 Physical switches: Network Switch Management with OMI
3 Virtual networks: Virtualized networks with NVGRE
4 Windows Server Gateway
The story so far… host networking
• Extensible Switch: L2 network switch for VM connectivity. Extensible by partners, including Cisco, 5nine, NEC, and InMon
• Inbox NIC teaming: Built-in, multiple configuration options and load-distribution algorithms including new Dynamic mode
• SMB Multichannel: Increase network performance and resilience by using multiple network connections simultaneously
• SMB Direct: Highest performance through use of NICs that support Remote Direct Memory Access (RDMA) – high speed, with low latency
• Hardware offloads: Dynamic VMQ load-balances traffic processing across multiple CPUs. vRSS allows VMs to use multiple vCPUs to achieve highest networking speed
The story so far… switch management
• OMI: Open Management Infrastructure – open source, highly portable, small footprint, high performance CIM Object Manager. Open source implementation of standards-based management – CIM and WSMAN. API symmetry with WMI V2. Supported by Arista and Cisco, among others
• Datacenter abstraction layer: Any device or server that implements standard protocol and schema can be managed from standard compliant tools like PowerShell
• Standardized: Common management interface across multiple network vendors
• Automation: Streamline enterprise management across the infrastructure
The story so far… virtual networks
• Network Virtualization: Overlays multiple virtual networks on shared physical network. Uses industry standard Generic Routing Encapsulation (NVGRE) protocol
• VLANs: Removes constraints around scale, mis-configuration, and subnet inflexibility
• Mobility: Complete VM mobility across the datacenter, for new and existing workloads. Overlapping IP addresses from different tenants can exist on same infrastructure. VMs can be live migrated across physical subnets
• Automation: Streamline enterprise management across the infrastructure
• Compatible: Works with today’s existing datacenter technologies
The story so far… gateways
• Gateways: Bridge network-virtualized and non-network-virtualized environments. Come in many forms – switches, dedicated appliances or built into Windows Server
• System Center: Windows Server gateway can be deployed and configured through SCVMM. Service Template available on TechNet for streamlined deployment
• Deployment options: Supports forwarding for private clouds, NAT for VM internet access and S2S VPN for hybrid
Lab: Exploring Network Virtualization
Switch-Embedded Teaming (SET)
New way of deploying converged networking
• No longer required to create a NIC Team
• Switch must be created in SET-mode (SET can’t be added to existing switch):
New-VMSwitch -Name SETswitch -NetAdapterName "NIC1","NIC2" -EnableEmbeddedTeaming $true
• Teaming integrated into the Hyper-V vSwitch
• Teaming modes: Switch independent (no static or LACP in this release)
• Load balancing: Hyper-V port or dynamic only in this release
• Management: SCVMM or PowerShell, not NIC Teaming GUI in this release
• Up to 8 uplinks per SET: Same manufacturer, same driver, same capabilities (e.g., dual port NIC)
Network Controller
A centralized, programmable point of automation to manage, configure, monitor, and troubleshoot virtual and physical network infrastructure in your datacenter
Can be deployed as single VM (lab) or as a cluster of 3 physical servers (no Hyper-V) or 3 VMs on separate hosts
(Diagram: Management Tool, Network Controller, Hyper-V Hosts each with VMs and a Hyper-V vSwitch, Physical Top of Rack Switches, Datacenter Router, Internet)
Network Controller overview
• Highly available and scalable server role
• Southbound API for NC to communicate with the network
• Northbound API allows you to communicate with the NC
Southbound API
• Network Controller can discover network devices, detect service configurations, and gather all of the information you need about the network
• Provides pathway to send information to the network infrastructure, such as configuration changes that you have made
Northbound API (REST interface)
• Provides you with the ability to gather network information from Network Controller and use it to monitor and configure the network
• Configure, monitor, troubleshoot, and deploy new devices on the network by using Windows PowerShell, REST, SCVMM, SCOM etc.
Can manage
• Hyper-V VMs & vSwitches, physical network switches, physical network routers, firewall software, VPN gateways including RRAS, load balancers…
(Diagram: Management applications, Network aware applications, Network Controller, NIC, Virtual network infrastructure, Physical network infrastructure)
Network Function Virtualization
• Network functions that are being performed by hardware appliances are increasingly being virtualized as virtual appliances
• Virtual appliances are quickly emerging and creating a brand new market
• Dynamic and easy to change because they are a pre-built, customized virtual machine
• It can be one or more virtual machines packaged, updated, and maintained as a unit
• Can easily be moved or scaled up/down
• Minimizes operational complexity
• Microsoft included a standalone gateway as a virtual appliance starting with Windows Server 2012 R2
Network functions shown: App/WAN Optimizers, Firewall & antivirus, S2S Gateway, Load balancers, Routers & switches, L2/L3 Gateways, DDoS & IPS/IDS, NAT & HTTP Proxy
Software Load Balancer (SLB)
Scalable and available
• Proven with Azure: scale out to many Multiplexer (MUX) instances, balancing billions of flows
• High throughput between MUX and virtual networks
• Highly available
• Supports North/South and East/West load balancing
• Utilizes Direct Server Return for high performance
Flexible and integrated
• Reduced capex through multi-tenancy
• Access to physical network resources from tenant virtual network
• Layer 3 and layer 4 load balancing
• Supports NAT
Easy management
• Centralized control and management through Network Controller
• Easy fabric deployment through SCVMM
• Integration with existing tenant portals via Network Controller: REST APIs or PowerShell
(Diagram: Network Controller, Edge routing infrastructure, SLB MUX instances, Blue, Purple and Green virtual networks)
Datacenter Firewall
• Included within Windows Server
• It is a network layer, 5-tuple, stateful, multitenant firewall: Protocol, Source and destination port numbers, Source and destination IP addresses
• Tenant administrators can install and configure firewall policies to help protect their virtual networks
• Managed via Network Controller and northbound APIs
• Protects East/West and North/South traffic flows
(Diagram: PowerShell, Northbound Interface (REST APIs), Network Controller with Distributed Firewall Manager, Southbound Interface, Policies pushed to the vSwitch on Host 1 and Host 2, VMs with vNICs, NICs, Gateway)
Datacenter Firewall
• Highly scalable, manageable, and diagnosable software-based firewall
• Freedom to move tenant virtual machines to different compute hosts without breaking tenant firewall policies
• Deployed as a vSwitch port host agent firewall
• Tenant virtual machines get the policies assigned to their vSwitch host agent firewall
• Firewall rules are configured in each vSwitch port, independent of the actual host running the virtual machine
• Guest OS agnostic
• Protect traffic between VMs on same/different L2 subnets
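
An added example (not part of the original deck): building a tenant 5-tuple ACL for the Datacenter Firewall through the Network Controller northbound API and attaching it to one VM's network interface, so the policy stays with the VM's vSwitch port whichever host runs it. It uses the NetworkController PowerShell module; the connection URI, resource IDs, subnets and the New-FiveTupleRule helper are constructed placeholders and assumptions.

```powershell
# Added example: East/West policy for a database tier. Only the web subnet may
# reach SQL on TCP 1433; all other inbound traffic is denied and logged.
# Assumptions (constructed values): $uri, resource IDs and both subnets.
$uri       = 'https://nc.example.internal'   # Network Controller REST endpoint (placeholder)
$webSubnet = '192.168.10.0/24'               # tenant web tier (constructed)
$dbSubnet  = '192.168.20.0/24'               # tenant database tier (constructed)

# Hypothetical helper: one ACL rule from the five tuple fields plus direction/action.
function New-FiveTupleRule {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][int]$Priority,
        [ValidateSet('Inbound', 'Outbound')][string]$Direction = 'Inbound',
        [ValidateSet('Allow', 'Deny')][string]$Action = 'Deny',
        [ValidateSet('TCP', 'UDP', 'All')][string]$Protocol = 'All',
        [string]$SourcePrefix = '*',
        [string]$SourcePorts = '0-65535',
        [string]$DestinationPrefix = '*',
        [string]$DestinationPorts = '0-65535'
    )
    $p = New-Object Microsoft.Windows.NetworkController.AclRuleProperties
    $p.Protocol                 = $Protocol
    $p.SourceAddressPrefix      = $SourcePrefix
    $p.SourcePortRange          = $SourcePorts
    $p.DestinationAddressPrefix = $DestinationPrefix
    $p.DestinationPortRange     = $DestinationPorts
    $p.Action                   = $Action
    $p.Type                     = $Direction
    $p.Priority                 = "$Priority"
    $p.Logging                  = 'Enabled'

    $rule = New-Object Microsoft.Windows.NetworkController.AclRule
    $rule.ResourceId = $Name
    $rule.Properties = $p
    return $rule
}

# Rules are evaluated in priority order, so the specific allow precedes the catch-all deny.
$rules = @(
    New-FiveTupleRule -Name 'Allow-Web-To-Sql' -Priority 100 -Action Allow -Protocol TCP `
        -SourcePrefix $webSubnet -DestinationPrefix $dbSubnet -DestinationPorts '1433'
    New-FiveTupleRule -Name 'Deny-All-Inbound' -Priority 1000 -Action Deny -Protocol All
)

$aclProps = New-Object Microsoft.Windows.NetworkController.AccessControlListProperties
$aclProps.AclRules = $rules

# Create (or replace) the ACL resource on the Network Controller.
New-NetworkControllerAccessControlList -ConnectionUri $uri `
    -ResourceId 'Tenant1-DbTier' -Properties $aclProps

# Attach the ACL to the database VM's network interface (resource ID is a placeholder).
$nic = Get-NetworkControllerNetworkInterface -ConnectionUri $uri -ResourceId 'Db01_Ethernet1'
$acl = Get-NetworkControllerAccessControlList -ConnectionUri $uri -ResourceId 'Tenant1-DbTier'
$nic.Properties.IpConfigurations[0].Properties.AccessControlList = $acl
New-NetworkControllerNetworkInterface -ConnectionUri $uri `
    -ResourceId $nic.ResourceId -Properties $nic.Properties
```
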
Resources
Register for another IT Innovation Series event
Further topics: Windows 10, Azure and more.
• aka.ms/ITInnovation
Continue your learning
Download the Windows Server 2016 Technical Preview.
• aka.ms/ITInnovationResources
Know someone who wants to learn more about the Cloud?
Tell them to get started at the Microsoft Cloud Roadshow.
• www.microsoftcloudroadshow.com
Lab environment
• Password = Passw0rd!
• Lab URL: https://aka.ms/iti
• Access Code: ITI1591
• Evaluations: http://aka.ms/tnthybridcam
TechNet on Tour | Cloud Infrastructure Event Wrap-Up
For an online copy of the Fundamentals of Azure book, please download here: aka.ms/fundofazurebook
© 2016 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
TechNet on Tour | Hybrid Cloud Attendee Evaluation
Please take a few minutes to answer our short survey BEFORE you leave the event today! To receive the evaluation link for this event, text MICROSOFT CAMBRIDGE to 878787. By doing so you agree that Microsoft can send you an automated message to this mobile phone. If unable to access the evaluation through the QR code on your name badge, you can access the evaluation here: http://aka.ms/tnthybridcam
Provide the email you used to register for this event, select the attendee evaluation and complete the evaluation. Thank you for your feedback!