1_1 How Azure uses Global Foundation Services Datacenters Flashcards
(32 cards)
Topics 1.1.
1) Learning about Azure’s global footprints, 2) Understanding the design of cloud-scale data centers, 3) Design for cloud
MCIO = GFS
The team that manages and runs Azure infrastructure is called Microsoft Cloud Infrastructure and Operations (MCIO), formerly known as Global Foundation Services (GFS). Also, Microsoft datacenters = Azure datacenters.
Azure global footprints
+1M servers, +3M requests per second. 17 distributed datacenters, 10 languages, 19 currencies
17 Regions
USA 8, EMEA 2, Asia 2, Japan 2, Brazil 1, Australia 2
ZRS
Zone Redundant Storage, 3 copies of your data across 2 or 3 facilities in a single region or two regions
Affinity Group
It is a way to group your cloud services by proximity to reduce network latency.
STAMPS
Group of server racks (it’s not an official concept)
Regional Differences
Not all Azure regions provide the same set of services.
Multilanguage support
It’s not tied to specific regions; it is fully global. Be aware: many Azure objects don’t allow non-English characters in their names or identifiers.
Cloud-scale datacenters
A single Azure datacenter can be as big as three large cruise ships placed end to end and host tens of thousands of servers.
Embracing errors
Cloud-scale datacenters use commodity servers to reduce cost. The availability of these servers is lower than that of the more expensive ones used in traditional datacenters. Think about thousands! Traditional datacenter design focuses on increasing Mean Time Between Failures (MTBF). In cloud-scale datacenters, when a server is failing, its workloads are redirected to another healthy one. So the key design focus is Mean Time To Recover (MTTR) instead of MTBF, because what customers care about is the availability of their services, not the hardware. To achieve this, AUTOMATION IS THE KEY.
Human Factors
Training, policy reinforcement, continuous monitoring, and auditing form the foundation of an error-resilient team.
Some Policies
1) Just-in-time administrator access and just-enough administrator access, 2) Microsoft staff do not have access to customer data; access requires a special grant and is only for a predetermined window, 3) All activities are monitored and logged
Policies suggested for customers
Suggest best practices and tools such as Azure Active Directory (Azure AD), multifactor authentication, built-in Role-Based Access Control (RBAC) with Azure Resource Groups, and Azure Rights Management
Azure Automation Options
Azure Management API, Azure PowerShell, Azure Cross-Platform Command-Line Interface (xplat-cli), Azure Automation services. Also third-party solutions such as Puppet and Chef.
Trustworthy computing
Challenge for the cloud industry. Policies: 1) Physical security and continuous surveillance, 2) Protection against viruses, malware, and DDoS attacks, 3) Activity monitoring, tracing and analysis, and abnormality detection, 4) System patching, 5) Customer data isolation and protection
Security Tools for Customers
Data encryption for Azure Storage, and the Key Vault service to manage security keys.
Azure Security Certifications
1) ISO 27001/27002, 2) FISMA, 3) FedRAMP, 4) HIPAA, 5) EU Model Clauses. Additional info: azure.microsoft.com/en-us/support/trust-center/
Sustainable reliability
1) Power redundancy: UPS, massive battery arrays and generators with on-site fuel reserves. 2) The whole ecosystem is considered as TCO
Efficiency and Ecology
Microsoft's Power Usage Effectiveness (PUE) is 1.125, below the industry norm of 1.8. Datacenters are also environment-friendly.
Design for the Cloud
The cloud brings both challenges and opportunities for designing your applications. The challenge is the architecture of your application, and the opportunity is the Quality of Service (QoS) that the cloud offers.
Datacenter maintenance
Two types of maintenance: 1) planned and 2) unplanned
Planned Maintenance
Some cases require that customer VMs be shut down or rebooted. VMs can be configured as multi-instance or single-instance. Azure gives an SLA (Service Level Agreement) only for multi-instance VMs.
Multi-instance VM
Multi-instance VMs are joined to the same logical group, called an Availability Set. When Azure updates VMs, it guarantees that not all machines in the same Availability Set will be shut down at the same time.