Escolar Documentos
Profissional Documentos
Cultura Documentos
Microsoft Learning
Ignite | May 4 8, 2015 | Chicago,
IL
Mark Grimes | MCS | MCT
Exam Preparation
70-534
Mark Grimes
Senior Consultant
Microsoft Consulting Services
Aka.ms/certification/70-534
Key Takeaway 1
Increase participants ability to successfully prepare for and pass, Exam 70-534
Key Takeaway 2
Understand architectural decisions for Microsoft Azure solutions
Azure Certification
Three Exams = MCSD: Azure Solutions Architect = BRAND
NEW!
http://bit.ly/Ignite-CertApp
Breakdown
Mark Grimes
Design Websites;
Secure
17%
Resources; 17%
70-534
Implement Websites
Design Websites
Implement Cloud Services
Implement Storage
Design an Application Storage and Data Access Strategy
Implement Cloud Services
Implement Virtual
Networks
Implement an Azure AD
Implement Virtual
Machines
App Services
Virtual Machines
Web Sites
Media Services
Service Bus
Mobile Services
Cloud Services
Web Roles
Worker Roles
Notification Hubs
Scheduler
Data
Services
Storage
SQL Database
HDInsight
Cache
Automation
BizTalk Services
BizTalk Hybrid Connections
Visual Studio Online
Active Directory
Multi Factor Authentication
API Management
Azure RemoteApp
Network
ExpressRoute
Virtual Network
Traffic Manager
CDN
SDKs
.NET
Java
PHP
Python
Node.js
Ruby
Virtu
al
Netw
orks
and
Servi
ces
Azur
e
Com
pute
VPN
&
Expr
ess
Rout
e
Azur
e
Servi
ces
Regional Availability
2 Regional Datacenters per Geographic Area
16 Buildings per Region
~600,000 Servers per region
Fiber Infrastructure
High Availability
Microsoft
Azure
Office
365
Consumer
(Hotmail,
OneDrive,
etc.)
Other
Business
(CRM, etc.)
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
MS IT
DHCP
Public IP Addresses in Azure Pool
Public IP to Every VM = PIP
IP to Cloud Services = VIP or Reserved IP is STICKY!
Can Move IPs across cloud services
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Understand ACLs
Can Secure VM with input ACLs
Can Permit or Deny
Think Packet Filtering
For Endpoints only
Can also configure with PS
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Azure Compute
IaaS
Infrastructure-as-a-Service
Storage/Compute/Network
PaaS
Infrastructure-as-a-Service
-faster, cheaper, lower risk
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Azure Compute
Machine
Classifications
A Family
Highest value VM Size
Basic and Standard Sizes
General Purpose and High Memory
G Family
D Family
60% faster CPU
Intel processor
MICROSOFT CONFIDENTIAL INTERNAL
Up to 112 GB MemoryLatest generation
O N LY
Cloud Service is a management, configuration, security, networking and service model boundary
ROLES
VM1
VM2
VM3
WORKER ROLE
VM4
VM5
VM
INSTANCES
WEB ROLE
Virtual Machines
CLOUD SERVICE
VIRTUAL MACHINE
VM
Multiple Virtual Machines can be hosted within the same cloud service
CLOUD SERVICE
VIRTUAL MACHINE
VIRTUAL MACHINE
VM
VM
Azure Compute
Fault Domains
Represent groups of resources anticipated
to fail together i.e. Same rack, same server
Fabric spreads instances across fault at least
2 fault domains
Update Domains
Represents groups of resources that will be
updated together
Host OS updates honour service update
domains
Specified in service definition
Default of 5 (up to 20)
Availability Sets
VMs in separate Fault Domains
MICROSOFT CONFIDENTIAL
SLA 99.95 | HW SW | Windows & Linux
I N T E R N A L O N LY
Customer
Secure point-to-site
connectivity
Secure site-to-site
VPN connectivity
Private site-to-site
connectivity
ExpressRoute
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Azure Cache
Provides super fast data access
3 Flavors: Azure Redis, Managed Cache Service
In-Role Cache
MFA
Requires verification
Mobile App, phone call, SMS
With Azure AD or customer apps/directories (SDK)
On-premises option available
Service Bus
Hosted Communications Infrastructure
Relayed and Brokered messaging
Reliably stores messages until other side
ready
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Media Services
Scalable media management and delivery of applications
Secure upload, store, encode & package data
Both on-demand and streaming
CDN
Global Solution
Deliver High Bandwidth Content
Provide Maximum bandwidth
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Secure Resources
Usin
g
Hybr
id
Iden
titie
s
Usin
g
Man
age
d
Iden
titie
s
Data
Sec
urity
Solu
tion
Role
Bas
ed
Acce
ss
Stra
tegy
OAuth
AuthZ web apps and web APIs in Azure AD Tenant
Access authorization, role-based assignment
for app and user authorization
OpenID Connect
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
DirSync Replication
Synchronization between On-premises and Azure AD
Filtering by OU and or Attributes
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Data at Rest
Includes: Storage Objects, containers % Physical Media
2 Types: Data in Production and not e.g. VHD
Secret keys all stored in Directory
Encrypted using Distributed Key Manager (DKM)
See Protecting Data in Microsoft Azure
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Mobil
e
Servi
ces
Push
Notifi
catio
n
Web
API
Data
Acce
ss
Strat
egy
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
X-Plat SDKs
HTML5/JS
Xamarin
Phonegap
Sencha
Data
SQL
REST API
Windows
iOS
Android
Offline
Sync
Office
365
Salesforc
e
Dynamics
Tables
Mongo DB
On-premises
User Authentication
Faceboo
k
Microsoft
Googl
e
Azure
Active
Directory
Directory
Push Notifications
Node.js
Express
.NET
Web API
Androi
Window
d
s
Chrom
e
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
iOS
OSX
Kindle
In-app
O N LY
Streaming Capabilities
Ingest, Preview, Store, Deliver Content
2 Encode Options
Encode directly to Smooth Streaming
Encode to MP4 and then convert to Smooth Streaming
Use Common Protocols e.g. MPEG DASH, Smooth, HLS, HDS
Or to a Content Delivery Network for further Distribution scale to millions
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Monitoring Services
Blobs only supported storage type
Monitor Blob, Table and Queue Services
3 Levels
Minimal - Collects metrics such as ingress/egress, availability, latency, and success percentages,
which are aggregated for the Blob, Table, and Queue services.
Verbose - In addition to the minimal metrics, collects the same set of metrics for each storage
operation in the Azure Storage Service API. Verbose metrics enable closer analysis of issues that
occur during application operations.
Of - Turns off monitoring. Existing monitoring data is persisted through the end of the retention
period.
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Integr
ate
Azure
Servic
es
Create Compute-intensive
Design
High Performance Computing (HPC)
applications
HPC Pack 2012 R2
Microsoft MPI 2012 R2
Scheduler
Deployment Options
Hybrid with On-premises
Microsoft Azure exclusively
Parametric Sweep
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Big Data
HDInsight service that deploys and provisions Apache Hadoop clusters in the cloud
Provides Software Framework to manage, analyze and report on big data
Media Services
Scalable Media Management and Delivery Applications
Can Securely upload, store, encode and package audio/video content
OnDemand or Streaming
Azure Search
Delegates Server and Infrastructure Management
CROSOFT CONFIDENTIAL INTERNAL
Ready to us service to populateM I search
data
O N LY
Design Websites
Scalab
ility &
Perfor
manc
e
Deplo
y
Websi
tes
Busin
ess
Contin
uity
VMs
Need Affinity Group and LB to prevent simultaneous restarts for maintenance or HW fails
Cloud Services
Better for more control over web server env
Remote into Server or Startup Tasks
For all the Above See
Websites, Cloud Services and Virtual Machines Comparison
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Deploy Websites
Implement Azure Site
Extensions
Site extensions are web apps with simple
metadata for extension registration.
Can be authored for any development stack
supported by the Azure Websites platform
An extensible management end point per
Azure Website
Source code editors e.g. VSO for connected
resources such as a MySQL database
Available per website in Azure Preview Portal:
Packaged in NuGet format
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Deploy Websites
Create Packages
Continuous Delivery w/ VSO
Use Tem Foundation Version Control (TFVC) for source control
Deployment Slots
STANDARD mode websites required
Staging Slot
Production Slot
Web Deploy
Older IIS Extension method to Export and Import
Monit
oring
Strate
gy
BC/DR
Capab
ilities
Desig
n DR
Strate
gy
Azure
Autom
ation
and
PS WF
Autom
ation
Use
Cases
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Webtest Upload
Tra
nsa
ctio
n
ion
Transact
Application
/
d
l
i
Bu loy
p
De
Webtest
Work Items
IntelliTrace
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Alerts
nce
a
m
or
Perf
lity
i
b
a
i
Rel
ity
l
i
b
a
l
Avai
Webtest
Global Service
Monitor
Team
Foundation
Server
Hybrid Cloud
Seamless Integration:
Private Cloud to
Service Provider Cloud
Windows Azure
ASR
WHEN TO USE: 2nd Site / Use SCCMM, Unprotected workloads
WHEN NOT: Workload requires synchronous replication, data outside of VHD
Workload needs to recover physical servers, beyond Hyper-V replicas capabilities
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
StorSimple
Proprietary Device | Multiple Tiers
Cloud Integrated Storage (CiS)
Seamless view of ALL Enterprise Storage | Windows and VMWare
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Chef
Configure and Automate. Apply Fine Grained Permissions
https://www.chef.io/solutions/windows/
Puppet
Can Configure and Manage Windows and Azure
http://puppetlabs.com/solutions/microsoft
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
Key Takeaway 1
Increase participants ability to successfully prepare for and pass, Exam 70-534
Key Takeaway 2
Understand architectural decisions for Microsoft Azure solutions
Resources
Microsoft Learning Site (
http://bit.ly/Ignite-Learning)
Your one-stop location for info on all available Microsoft certifications, training, and
http://bit.ly/Ignite-VirtAcad)
http://bit.ly/Ignite-CertApp)
Interactive Windows 8.1 app, to help you choose and traverse your path
http://aka.ms/certification/70-534
Extra Study
Slides
70-534
ExpressRoute vs VPN
Virtual Network (Point-to- Virtual Network (Site-to- ExpressRoute
site)
site)
Exchange Provider
ExpressRoute Network
Service Provider
Azure services
supported
Cloud ServicesVirtual
Machines
Cloud ServicesVirtual
Machines
Typical
Bandwidths
Protocols
Supported
Routing
Static
IPsec (
Direct connection over
Refer to VPN page for more VLANs
details
)Static We support policy BGP
based (static routing) and
route-based (dynamic
routing VPN)
Connection
resiliency
Active-passive
Active-passive
Active-active
Active-active
Typical use cases Prototyping, dev / test / lab Dev / test / lab scenarios
scenarios for cloud services and small scale production
and virtual machines
workloads for cloud
services and virtual
machines
M I C R O S O F T C O N F I D E N T I A L I N T E R N A L O N LY
BGP
Memory
Intensive VMs
Compute
Intensive VMs
Compute Instance
Name
Extra Small (A0)
768 MB
Small (A1)
1.75 GB
Medium (A2)
3.5 GB
Large (A3)
7 GB
14 GB
Compute Instance
Name
Virtual
Cores
RAM
A5
14 GB
A6
28 GB
A7
56 GB
Compute Instance
Name
Virtual
Cores
RAM
Networking
A8
56 GB
40 Gbit/s InfiniBand
A9
16
112 GB
40 Gbit/s InfiniBand
http://azure.microsoft.com/en
-us/pricing/details/virtualmachines/
Graph API
https://graph.windows.net/contoso.com/tenantDetails?apiversion=2013-11-08
Returnstenant levelInformation
including company name, tech contact,
subscriptions
ttps://graph.windows.net/contoso.com/groups/7373b0af-d462h
406e-ad26-f2bc96d823d9/members?api-version=2013-11-08
https://graph.windows.net/contoso.com/users/adam@contoso.com/
memberOf?api-version=2013-11-08
https://graph.windows.net/contoso.com/users/adam@contoso.com/
manager?api-version=2013-11-08
https://graph.windows.net/contoso.com/users/adam@contoso.com/
directReports?api-version=2013-11-08
https://graph.windows.net/contoso.com/directoryObjects/2bb889
2b-b7bf-4ae9-b2f2-02d9103cb82b?api-version=2013-11-08
https://graph.windows.net/contoso.com/roles?api-version=201311-08
Return Roles
ttps://graph.windows.net/contoso.com/subscribedSkus?apih
version=2013-11-08