Building Hybrid Clouds with Azure Stack

Implementing on-premises Azure infrastructure

Markus Klein
Susan Roesner

BIRMINGHAM - MUMBAI

Copyright © 2017 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: August 2017
Production reference: 1230817

Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.

ISBN 978-1-78646-629-7
www.packtpub.com

Credits

Authors: Markus Klein, Susan Roesner
Reviewer: Mag. Stefan Denninger
Commissioning Editor: Kartikey Pandey
Acquisition Editor: Rahul Nair
Content Development Editor: Sweeny Dias
Technical Editor: Vishal Kamal Mewada
Copy Editors: Stuti Shrivastava, Madhusudan Uchil
Project Coordinator: Virginia Dias
Proofreader: Safis Editing
Indexer: Rekha Nair
Graphics: Kirk D'Penha
Production Coordinator: Aparna Bhagat

About the Authors

Markus Klein has been working as a senior IT architect at Orange Networks GmbH on Microsoft technology for about 20 years now (and specifically with Microsoft Cloud technology for the last 15 years), starting with System Center, Service Provider Foundation, KATAL, Azure Pack, Azure, and now Azure Stack. In 2011, he founded the Microsoft Cloud community (building clouds community) and has been recognized as an MVP in cloud and datacenter management for the sixth year in a row. He speaks at Microsoft conferences (starting in 2002 at TechEd Germany) and is a regular speaker at conferences in Europe and abroad. His Twitter handle is @Dr_AzureStack.

Thank you for all the support from the Microsoft Product Group of Azure Stack and all the people who somehow helped make this book possible. I do not want to add specific names to thank because I might forget someone, which is not my intention.

Many thanks to my family for giving me the chance to spend time writing this book and providing you with this information that was, in my opinion, missing in the market.

Susan Roesner is a cloud architect with expertise in a wide range of technologies and industries (public and private), including Fortune 500 organizations. Since 2009, she has been working in Microsoft virtualization and Microsoft System Center technology and in IT management consulting, focusing on cloud solutions for on-premises enterprise customers as well as hosting providers, in addition to compliance aspects.
Before joining Bytes at Work GmbH in 2015, she worked as an IT architect consultant, in the financial sector, and in compliance/IT security, working on projects such as SOX and ISMS implementations, compliance audits (internal and external), and compliance policy/process creation.

About the Reviewer

Mag. Stefan Denninger is a senior cloud architect with 20 years' experience in running IT. In the last few years, he has focused on hybrid cloud solutions because these are the most complex solutions and the ones with the greatest variety. This is the field where he feels comfortable. He started with networking tasks such as configuring Cisco routers and later worked with MS BizTalk Server, bringing business processes to modern environments, so his breadth of experience is well suited to hybrid solutions. His latest projects were all based on Microsoft Azure and local environments such as Azure Pack and now Azure Stack. His Twitter handle is @stefandenninger.
Table of Contents

Preface

Chapter 1: The Microsoft Azure Stack Architecture
  Cloud as the new IT infrastructure
  Cloud terminology
  The Microsoft cloud story
  Microsoft Azure Stack
  Technical design
  Storage Spaces Direct
  VxLAN networking technology
  Nano Server
  Azure Resource Manager
  PowerShell desired state configuration
  Azure Stack VMs
  AzS-ACS01
  AzS-ADFS01
  AzS-SQL01
  AzS-BGPNAT01
  AzS-CA01
  MAS-DC01
  AzS-ERCS01
  AzS-Gwy01
  AzS-NC01
  AzS-SLB01
  AzS-WASP01
  AzS-WAS01
  AzS-XRP01
  Services summary
  (Re)starting an Azure Stack environment
  Resource providers
  Azure Stack's core management services
  The authorization management service
  Subscriptions, Plans, and Offers
  Plan
  Offer
  Subscription
  Gallery
  Events
  Monitoring
  Usage
  Using Azure Stack
  Azure Stack Portal
  PowerShell commandlets
  Application programming interface
  Custom portal for Azure Stack
  Azure Stack CLI
  Tools for Azure Stack
  Migrating services to Azure Stack
  Azure Website Migration Assistant
  Virtual Machines Readiness Assessment
  Virtual Machines Optimization Assessment
  Summary

Chapter 2: Planning the Deployment of Microsoft Azure Stack for Private Clouds
  Solution design
  Virtual machines
  SQL Database as a Service
  Born-in-the-cloud web apps
  Cloud Foundry
  Mesosphere Enterprise Server (DC/OS)
  Sizing Azure Stack
  Authentication in Azure Stack
  Azure Active Directory for Azure Stack
  Active Directory Federation Services for Azure Stack
  Choosing the authentication provider
  Securing Azure Stack
  Secure by default
  Certificates
  Testing/staging environment
  Role-based access control
  Key Vault
  Azure Stack syndication with Azure Marketplace
  Compliance with Azure Stack
  Preparing the deployment
  Monitoring Azure Stack
  Business continuity with Azure Stack
  Azure Stack backup concept
  Location of ARM and portal in Azure Stack
  Backup and restore your first Azure Stack rack