Případová studie ČEPS AZURE CDR, Provident 4/3/2017 Případová studie ČEPS AZURE CDR, Provident Ladislav Šolc, Matouš Rokos Mainstream Technologies
Agenda Úvod – Microsoft Azure Popis platformy a jejich možností Popis řešení Provident Financial Popis řešení ČEPS CDR AZURE Ukázka Další scénáře možností MS AZURE - ukázky
Cloud OS Moderní platforma pro světové aplikace ZÁKAZNÍK POSKYTOVATEL SLUŽEB WINDOWS AZURE Transformuje datacentra. IT orientované na uživatele. 1 KONZISTENTNÍ PLATFORMA Přináší přehled o všech datech. Podporuje moderní aplikace. With this transformation underway, the traditional approaches to IT are no longer adequate. Customers need a different approach in this new era of IT. Microsoft’s Cloud OS vision is to provide customers with one consistent platform for infrastructure, apps and data - spanning customer datacenters, hosting service provider datacenters, and the Microsoft public cloud. They need a unified strategy and a consistent platform that: Transforms the Datacenter: …in many ways moving the unit of compute from the single server to the datacenter level. Customers need an infrastructure which provides a generational leap in agility, elasticity, and scalablity across a set of shared resources with more automation and self-service. Customers are also focused on Enabling Modern Apps: Today’s apps need to interact with other apps built on multiple platforms and languages; and they need to live on-premises or off-premises and be delivered out to multiple devices. With the explosion of data, customers need a platform that Unlocks Insights on Any Data. To better compete, customers need to tap into growing data volumes, especially with unstructured data, or “Big Data”, to ask new questions and discover new data sources which they can combine with existing data for new insights. And finally with the proliferation and range of new devices, companies need to Empower People-Centric IT. Today’s users expect to be productive wherever they choose, on whatever device they choose, and IT needs to easily manage these devices and securely deliver apps and data in an extended, mobile environment. And at Microsoft, we have been learning by delivering global scale services from our datacenters what is required from this new era of IT, and we have taken what we’ve learned, together with the trends and technology innovations, and built them into our core products to deliver the modern platform, which we call the Cloud OS. Our unique experience in running massive online services is at the heart of the Cloud OS and the heart of our products. We engineer these products from the “cloud up” which means every customer benefits from what we’ve learned. And this is not just about the software that we provide to our customers to run in their IT environments. This is fundamentally about consistency. Only Microsoft provides a consistent platform across customers’ datacenters, the Windows Azure datacenters run by Microsoft, and hosted IT environments run by service providers. This is really a unique and differentiated approach for our company. This consistency spans many facets including: How apps are developed in a flexible way, including Microsoft and open source Providing a unified and consistent management approach across these datacenters. And a complete data platform. Having a common identity and security approach. That enabled integrated virtualization VÝVOJ SPRÁVA DATA IDENTITA VIRTUALIZACE
Zkušenosti Microsoftu s cloudem 4/3/2017 Zkušenosti Microsoftu s cloudem Windows Server Windows Azure These consistent capabilities make the Cloud OS unique. So does the fact that the Cloud OS is deeply informed by our first-hand experience running 200+ cloud services for 1+billion customers and 20+ million businesses around the world. Ultimately a firm can only truly deliver this type of innovation if it has the track record and direct experience in building and running large datacenters and online services. Of course at Microsoft, we have an unrivaled experience in doing just that, across services such as Office 365, Xbox Live, Bing and a host of other major online services including our cloud platform, Windows Azure. We have learned and proven how to drive down cost through a combination of software, hardware innovation and extreme automation. We also learned how to maintain efficient, high availability services on industry standard hardware. And this innovation and know-how from running these online services provides us a unique perspective on the challenges our customers face. This learning makes its way into the software we sell such as Windows Server and System Center, creating a virtuous cycle that enables us to provide market-leading capabilities for our customers. Our breadth of experience across private, public and hybrid cloud is unmatched, whereas other vendors tend to specialize in one or another area. We run over 200 online services to hundreds of millions of people globally 24/7 such as MSN, Bing, Outlook.com, and Office 365. We consume data from those datacenters to drive rich analytics to improve customer experience. And of course our work with Windows Azure creates a virtuous cycle that brings even more of this feedback into our Windows Server development process. Bing had already deployed Windows Server 2012 even before RTM. It has been powering all of the Bing searches since the RC release earlier this year, handling over 5.5 billion search queries each month. Windows Server 2012 is battle tested. And this is extended with Office 365 and its use of Active Directory and Xbox Live with its use of the virtual GPU in Windows Server. These services and more are consuming services from Windows Server and in turn providing a unique feedback loop that makes Windows Server more capable. Only Microsoft can say this. Optional factoids: Windows Azure is available in 89 countries around the world. 5.5 billion+ Bing queries monthly 350 million active Hotmail accounts 40 million XBOX Live users 200+ global, 24x7, online services 135k Dynamics CRM users © 2012 Microsoft Corporation. Všechna práva vyhrazena. Microsoft, Windows a další názvy produktů jsou nebo mohou být registrované ochranné známky nebo ochranné známky ve Spojených státech amerických a v dalších zemích. Uvedené informace slouží pouze k informačním účelům a představují současný postoj společnosti Microsoft Corporation v době uskutečnění této prezentace. Jelikož je společnost Microsoft nucena reagovat na měnící se podmínky na trhu, tyto informace by neměly být považovány za závazné. Společnost Microsoft nemůže zaručit přesnost uvedených informací po datu uskutečnění této prezentace. SPOLEČNOST MICROSOFT NEPOSKYTUJE NA INFORMACE UVEDENÉ V TÉTO PREZENTACI ŽÁDNÉ VÝSLOVNĚ UVEDENÉ, IMPLICITNĚ PŘEDPOKLÁDANÉ ČI ZÁKONNÉ ZÁRUKY.
Vlastní zkušenosti do vašeho datacentra 4/3/2017 Windows Server Windows Azure Vysoce výkonné úložiště využívající standardní hardware Vysoce dostupné souborové úložiště Prostory úložiště s automatickým tieringem Clustering sdílených hostovaných VHDX Multiklientská prostředí s izolací Měření prostředků Vysoká hustota webů a virtuálních počítačů Softwarově definované sítě Virtualizace sítě Hyper-V a multiklientská brána pro propojení sítí s využitím protokolu QoS Automatizace založená na zásadách Aktualizace s ohledem na cluster Dynamická optimalizace Aplikace a web Škálovatelnost využívající technologii NUMA Podpora otevřených standardů a více jazyků These are but illustrative examples (there’s a lot more) of how we’ve implemented our core learnings from operating large scale cloud services as capabilities/features within Windows Server so you can also benefit from the resulting agility and cost benefits. We’re committed to this approach as we continue the journey towards realizing our Cloud OS vision. 1. High performance storage on industry-standard hardware File & storage services – Microsoft’s large scale cloud services implement hot-hot nodes in many cases so the application services can seamlessly failover in case of node failures. Analogously, Active-On technologies in Windows Server 2012 are those capabilities than can survive the failure of a key component without disrupting the service provided - for example, the File and Storage Services server role can be deployed in an active- active cluster which can endure the failure of a server while maintaining connectivity for clients. Even open file handles are maintained. Offloaded data transfer – This feature came about by applying a key design principle that Windows Azure uses to Windows Server 2012, which is to push work to hardware as much as possible so CPU cycles can be optimally leveraged for the hosted application. Storage spaces - We routinely provision commodity hardware in our pods thereby making hardware failure a non-event; we wanted to provide enterprise customers with the ability to easily and flexibly provision inexpensive storage. Windows Server 2012 enables you to use file servers for even critical workloads like Hyper-V server and SQL with arguably similar reliability and performance characteristics as more expensive storage (e.g. SAN). 2. Multi-tenant environments with isolation Server core - Small footprint with server core so you do not have to worry about updating or fixing unnecessary code, meaning less churning or required reboots for the host. This is similar to how we designed the Windows Azure hypervisor where we’ve only retained (and optimized) critical code paths that are applicable to large scale cloud scenarios. Hyper-V Network Virtualization - Windows Azure was designed from the ground up to be multi-tenant environment with isolation given that it hosts apps and infrastructure that belongs to different customers. Over time, it became increasingly evident that this same requirement would be pertinent to enterprises implementing cloud infrastructure (albeit at smaller scale) given the need to distinguish between infrastructure allocated to different departments, integrating infrastructure from acquisitions, assigning costs etc. We then built the ability to isolate networks logically in multi-tenant enterprise environments with Hyper-V using similar architectural considerations. Web-sites & virtual machines - These are great examples of how we’ve bought consistent experiences and cloud-optimized services from Windows Azure to Windows Server and System Center environments. 3. Software-defined Networking Hyper-V Network Virtualization - The network virtualization features within Windows Azure and Windows Server enable customers to easily extend their on-premises datacenters into third party datacenters (e.g. Windows Azure or service providers) by allowing for flexible placement of VMs along with the ability to continue using the same IP address. Cross-premises connectivity- The cross-site connectivity capabilities offered by Windows Server 2012 and Windows Azure (Windows Azure Virtual Network) complement each other well for VPN-like scenarios. Network QoS – Windows Server 2012 provides the ability to programmatically adhere to a given SLA by guaranteeing minimum bandwidth available to a VM or a port. We’re assessing how to implement this in Windows Azure (albeit at a much larger scale) to shift from “best effort” to quality of service guarantees, thus providing an example of this bi-directional virtuous learning between our platforms. 4. Policy based Automation Cluster aware updates (CAU) – Windows Server 2012 lowers downtime by coordinating software updates on all servers in a failover cluster while maintaining continuous availability as appropriate. For example, in case of applications with continuous availability features such as Hyper-V with live migration, or an SMB 3.0 file server with SMB Transparent Failover, CAU can coordinate automated cluster updating with no impact on service availability. This is very similar to Windows Azure which offers the ability to maintain high availability for its cloud services (e.g. web role/worker role) and virtual machines through Upgrade Domains (UD) and Availability sets. Dynamic optimization – System Center 2012 - Virtual Machine Manager provides the ability to load balances the resources within a host cluster automatically using a policy based approach (e.g. move workloads VMs between hosts based on defined CPU, memory, or I/O thresholds). Such policy based automation is implemented by the Windows Azure Fabric Controller too using various load balancing approaches. 5. Application elasticity Service templates – Similar to how an application owner (or developer) can specify application instance counts and scale thresholds in Windows Azure, service templates in System Center enable application owners to specify similar parameters that enable scaling the application once relevant thresholds are reached. A celá řada dalších funkcí... © 2012 Microsoft Corporation. Všechna práva vyhrazena. Microsoft, Windows a další názvy produktů jsou nebo mohou být registrované ochranné známky nebo ochranné známky ve Spojených státech amerických a v dalších zemích. Uvedené informace slouží pouze k informačním účelům a představují současný postoj společnosti Microsoft Corporation v době uskutečnění této prezentace. Jelikož je společnost Microsoft nucena reagovat na měnící se podmínky na trhu, tyto informace by neměly být považovány za závazné. Společnost Microsoft nemůže zaručit přesnost uvedených informací po datu uskutečnění této prezentace. SPOLEČNOST MICROSOFT NEPOSKYTUJE NA INFORMACE UVEDENÉ V TÉTO PREZENTACI ŽÁDNÉ VÝSLOVNĚ UVEDENÉ, IMPLICITNĚ PŘEDPOKLÁDANÉ ČI ZÁKONNÉ ZÁRUKY.
Microsoft Datacenter Scale Multiple global CDN locations Dublin Amsterdam Quincy Chicago Japan Hong Kong Boydton Des Moines San Antonio Singapore Quincy, Washington: approx 500K sq ft, 27MW, uses entirely hydro-electric power San Antonio, Texas: approx 477K sq ft, 27MW, uses recycled water for cooling Chicago, Illinois: 707,000 square feet with critical power of 60 MW, uses water side economization, containers Dublin, Ireland: approx 570K sq ft, up to 27MW, uses outside air for cooling. "Datacenters have become as vital to the functioning of society as power stations." The Economist
Moderní datová centra 3. až 5. generace
Cloudové služby Packaged Software Infrastructure Platform Software Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service) Platform (as a Service) Managed by vendor You manage Storage Servers Networking O/S Middleware Virtualization Applications Runtime Data Software (as a Service) Managed by vendor Storage Servers O/S Middleware Virtualization Applications Runtime Data Networking Applications Data You manage Runtime Middleware O/S Slide Objectives: Explain the differences and relationship between IaaS, PaaS, and SaaS in more detail. Speaking Points: Here’s another way to look at the cloud services taxonomy and how this taxonomy maps to the components in an IT infrastructure. Packaged Software With packaged software a customer would be responsible for managing the entire stack – ranging from the network connectivity to the applications. IaaS With Infrastructure as a Service, the lower levels of the stack are managed by a vendor. Some of these components can be provided by traditional hosters – in fact most of them have moved to having a virtualized offering. Very few actually provide an OS The customer is still responsible for managing the OS through the Applications. For the developer, an obvious benefit with IaaS is that it frees the developer from many concerns when provisioning physical or virtual machines. This was one of the earliest and primary use cases for Amazon Web Services Elastic Cloud Compute (EC2). Developers were able to readily provision virtual machines (AMIs) on EC2, develop and test solutions and, often, run the results ‘in production’. The only requirement was a credit card to pay for the services. PaaS With Platform as a Service, everything from the network connectivity through the runtime is provided and managed by the platform vendor. The Windows Azure best fits in this category today. In fact because we don’t provide access to the underlying virtualization or operating system today, we’re often referred to as not providing IaaS. PaaS offerings further reduce the developer burden by additionally supporting the platform runtime and related application services. With PaaS, the developer can, almost immediately, begin creating the business logic for an application. Potentially, the increases in productivity are considerable and, because the hardware and operational aspects of the cloud platform are also managed by the cloud platform provider, applications can quickly be taken from an idea to reality very quickly. SaaS Finally, with SaaS, a vendor provides the application and abstracts you from all of the underlying components. Virtualization Managed by vendor Servers Storage Networking
Veřejný cloud Windows Azure big data database storage traffic VMs caching messaging identity Veřejný cloud Windows Azure Škálovatelnost Samobslužnost Přidávání nových zdrojů media CDN networking websites
Ukázka Azure management portal
Provident Financial, s.r.o. a Microsoft Azure 4/3/2017 Provident Financial, s.r.o. a Microsoft Azure Ladislav Šolc, Pavel Pivoňka Mainstream Technologies, Provident Financial
Provident Financial Společnost Provident Financial byla založena ve Velké Británii již v roce 1880, v České republice působí už od roku 1997. Za tu dobu získal Provident pověst spolehlivého a férového poskytovatele rychlých nebankovních půjček.
Projekt Exchange Litigation Hold Zákazník hledá efektivní řešení Z legislativních důvodů a důvodů požadavků regulátora je povinnost udržovat určité informace až po dobu 10 let pro případy právních sporů, důkazních procedur a podobně A legal hold is a process that an organization uses to preserve all forms of relevant information when litigation is reasonably anticipated. Dodavatel navrhuje Microsoft Azure Mainstream Technologies navrhnul řešení s využitím Microsoft Azure ve scénářích Data storage, Data backup, IaaS pro virtuální Exchange s využitím funkce Exchange Litigation Hold
Provident – Legal hold Řešení splňuje požadavky regulátora Nároky na storage se budou realizovat postupně dle skutečných požadavků Cenově efektivní řešení a StorSimple Cenově vyhovující varianta
Hybridní Cloud - Provident COMMON Hybridní Cloud - Provident VEŘEJNÝ CLOUD Exchange v MS Azure Microsoft is unique in that we offer solutions that span both the public and private clouds with Windows Server and Windows Azure – our goal is to provide both a common set of infrastructure including identity, virtualization, management, and developer tools and symmetry between public and private clouds Identity Every organization needs to manage identity inside their business and wants to enable seamless and secure access across both private and public cloud resources. Windows Azure Active Directory enables you to easily leverage your existing AD investments and configuration inside Windows Azure for a single sign-on experience. In addition, Windows Azure AD supports brokering “consumer” identity for your application by simplifying how you work with identity providers like Facebook, LinkedIn and Windows Live ID. Virtualization Windows Azure has introduced a complete Infrastructure as a Service (IaaS) solution which enables portability of on-premise virtual machines to the cloud. Now IT professionals can easily migrate virtualized servers from on-premises to and run it inside Windows Azure. Management IT Managers now must deal with an even more complex environment as there applications and VM’s can span across both their datacenters and Windows Azure. With System Center you can have a “single pane of glass” view that enables the management, operations, and monitoring of your servers AND applications across both the public and private cloud in one familiar interface. Development In addition to identity, virtualization and management Microsoft provides a common development experience across the public and private cloud including our flagship Visual Studio and .NET platform but also support for Java with Eclipse, and other open source languages. Datové centrum Lokální stirage - StoreSimple Exchange On-Premise PRIVÁTNÍ CLOUS
Zákazník Pavel Pivoňka, IT manager, Provident Financial Microsoft Azure byla jediná platforma veřejného Cloudu, kde jsme dostali ujištění, že ukládaná data neopustí území EU. Pavel Pivoňka, IT Manager, Provident Financial www.provident.cz
COMMON Demo – StorSimple Matouš Rokos Microsoft is unique in that we offer solutions that span both the public and private clouds with Windows Server and Windows Azure – our goal is to provide both a common set of infrastructure including identity, virtualization, management, and developer tools and symmetry between public and private clouds Identity Every organization needs to manage identity inside their business and wants to enable seamless and secure access across both private and public cloud resources. Windows Azure Active Directory enables you to easily leverage your existing AD investments and configuration inside Windows Azure for a single sign-on experience. In addition, Windows Azure AD supports brokering “consumer” identity for your application by simplifying how you work with identity providers like Facebook, LinkedIn and Windows Live ID. Virtualization Windows Azure has introduced a complete Infrastructure as a Service (IaaS) solution which enables portability of on-premise virtual machines to the cloud. Now IT professionals can easily migrate virtualized servers from on-premises to and run it inside Windows Azure. Management IT Managers now must deal with an even more complex environment as there applications and VM’s can span across both their datacenters and Windows Azure. With System Center you can have a “single pane of glass” view that enables the management, operations, and monitoring of your servers AND applications across both the public and private cloud in one familiar interface. Development In addition to identity, virtualization and management Microsoft provides a common development experience across the public and private cloud including our flagship Visual Studio and .NET platform but also support for Java with Eclipse, and other open source languages.
Případová studie ČEPS CDR AZURE Společnost ČEPS Požadavky na projekt CDR Popis řešení ČEPS VIP Popis projektu Hlavní přínosy
Případová studie ČEPS CDR AZURE Společnost ČEPS - vede elektřinu nejvyššího napětí Akciová společnost ČEPS působí na území České republiky jako výhradní provozovatel přenosové soustavy (elektrická vedení 400 kV a 220 KV) na základě licence na přenos elektřiny, udělené Energetickým regulačním úřadem podle Energetického zákona. Udržuje, obnovuje a rozvíjí 41 rozvoden s 71 transformátory převádějícími elektrickou energii z přenosové do distribuční soustavy a trasy vedení o délce 3508 km s napěťovou hladinou 400 kV a 1910 km s napěťovou hladinou 220 kV. ČEPS dále zajišťuje přeshraniční přenosy pro export, import a tranzit elektrické energie. Společnost se také dlouhodobě aktivně podílí na formování liberalizovaného trhu s elektřinou v ČR i v Evropě.
Případová studie ČEPS CDR AZURE Požadavky na projekt CDR Požadavky regulátora, tedy MPO, resp. státu na nepřerušitelné poskytování služeb u klíčových systémů Vznik projektu Complete Disaster Recovery Všechny klíčové systémy budou funkční i v případě, že nebude dostupná primární lokalita Pravidelné funkční testy Spolupráce mezi dodavateli a týmy ČEPS Časová osa 03/2013 – 11/2013 Návrh řešení byl požadován po dodavatelích Projekt koordinován ze strany společnosti ČEPS Do těchto systémů spadá i veřejný internetový portál (ww.ceps.cz)
Případová studie ČEPS CDR AZURE TechReady 16 4/3/2017 Případová studie ČEPS CDR AZURE Popis řešení ČEPS VIP Prostřednictvím tohoto portálu jsou prezentovány jak statické, tak dynamické informace o společnosti, data o přenosové soustavě a řada webových služeb pro automatické stahování důležitých informací pro partnery společnosti ČEPS. Celé řešení je vybudováno jako zcela autonomní celek, který pomocí integračního nástroje získává data o přenosové soustavě a prezentuje je následně jak vizuálně, tak formou datových konektorů. Požadované SLA 99,99% Výkladní skříň technologií Microsoftu Microsoft Windows Server Hyper-V Microsoft System Center (SCORCH, SCOM, DPM) Microsoft SQL Server Microsoft BizTalk Microsoft SharePoint Microsoft Windows 7 © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
ČEPS VIP – On Premise infrastruktura
Případová studie ČEPS CDR AZURE TechReady 16 4/3/2017 Případová studie ČEPS CDR AZURE Popis projektu CDR Návrh řešení Představení, workshopy, diskuze na úrovni interních týmů Rozhodnutí pro řešení – kalkulace, ROI (SW, HW, Licence) Aktivace AZURE a příprava pro projekt Příprava projektu a zahájení – 09/2013 Příprava architektury Propojení s interní infrastrukturou a MS AZURE Realizace scénáře Akceptační testy Dokumentace, produkce Akceptace 11/2013 Maintanance, Plánované testy 1 až 2x do roka © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
ČEPS VIP – CDR Azure
Případová studie ČEPS CDR AZURE TechReady 16 4/3/2017 Případová studie ČEPS CDR AZURE Hlavní přínosy Nezávislost na primárním datovém centru a ISP Splněné požadavky projektu Complete Disaster Recovery Rychlá realizace Splněné náročné termíny Cenová úspora ROI - 4 letá perioda Aktuální náklady jsou nižší než předpokládané Cold backup scénáře Efektivní snížení výkonových nároků Otevřená platforma pro další rozvoj Testovací scénáře Pilotní a vývojové prostředí Připravenost na nenadále výkonové špičky a nároky 15 až 18% © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Rozhovor se zákazníkem Ing. Jiří Rýznar, Head of Energy and Information Systems Department, ČEPS Řešení realizoval tým odborníků dodavatele ve spolupráci s námi. Byli jsme překvapeni, jak bezproblémově a hladce proběhla implementace, úspěšné testy a samotný hladký provoz. Ing. Jiří Rýznar, Head of Energy and Information Systems Department, ČEPS www.ceps.cz
Ukázka CEPS - Azure management portal Další scénáře - RDS, Pilot, PoC – vytvoření infrastruktury
Případová studie ČEPS AZURE CDR 4/3/2017 Případová studie ČEPS AZURE CDR Ladislav Šolc, Matouš Rokos Mainstream Technologies
Mainstream Technologies