Azure VMware Solution Overview

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
[Music] welcome everybody i'm jackson felden and will be the moderator for this great session today today is going to be all about azure uh vmware running on azure i have here with me shannon king she's going to take over in a few seconds uh before uh before we start officially with the with the main subject i just would like everybody to do a quick registration if you could scan the um the code and i will i will paste the link in a few seconds going through that quick registration for us is very important here from the cloud launch and learning just to show our work with microsoft and then for you the great thing is microsoft will provide some additional material relevant for the vmware session today and then please do that in a few seconds i will post a link in in two seconds two seconds as well and the next session next week actually i i will be presenting myself the main subject for next week is going to be about zero trust and then we'll be talking about how you can protect endpoint using you know different uh microsoft microsoft basically technologies i would like to do a quick intro as well about our other project that is happening now in november called ideaton we are very excited and the plan is to run a kind of open community uh to design a solution to improve the air quality in bahrain and i will paste the link in a few seconds if you i would like everybody to kind of join us in this kind of community work to to have that job uh job done uh yeah shannon would you like to do a quick intro before i make you kind of full fully life sure sure so i'm shannon keane and i'm a senior cloud advocate at microsoft and one of the big topics that i've spent the last gosh year and a half i think it's been about a year and a half talking about has been the azure vmware solution resource inside of azure okay great um okay i think that's pretty much it from me and i will be here on the kind of you know background shannon if you need anything for me just let me know and everybody watching uh us live now the next two little thing is the first one if you have any questions please just add them on the chat box and we i mean we you sorry shannon will tackle the questions at the end of the presentation and very good news for everybody watching us online as well at the end of the presentation i will post a new link in the brilliant news is everybody can get a free voucher to do microsoft exams i don't need to tell you how important is these days for everybody to get certified make sure you show the world you know this subject and instead to spend let's say loads of money yourself um we are glad microsoft kind of you know is our main sponsor and is giving free voucher for everybody watching live this session okay please stay tuned and i will add the link there is a very quick registration and then from there is the starting point for you to get a free voucher to do pretty much you know any exam it doesn't need to be specifically you know about azure okay guys i think that's pretty much it from me let me add your screen uh here shannon and yeah i believe now your screen is ready to go and yeah okay have a great session i will be here in the background if you need anything from me sure thanks so much so as i had mentioned i'm shannon keane i'm a senior cloud advocate at microsoft if you want to connect with me over the course of time i always recommend connecting with me on linkedin or twitter i tend to post a lot of good content both on azure vmware solution but azure infrastructure in general and i'm a big believer in trying to get information out there so definitely connect and if you've got any questions feel free to send me a direct message so let's talk a little bit about what this service means right because i think folks are understanding vmware they understand azure but the idea that you can run vmware on azure sort of blows your mind up a little bit so the cloud journey has many different entry points right especially when you're starting out there's the immediate cloud need right you need to get out of the data center that you're running on you have to think about that long-term cloud strategy how do we move forward what do we pick which then usually lends itself to a multi-cloud approach most enterprises these days have environments in multiple cloud providers and of course being a part of microsoft i believe in azure but i also believe in the fact that a customer should be able to choose whatever makes the most sense for them so we're seeing a lot of different traction here in terms of the entry points for cloud adoption there's a number of different variables that also impact cloud decisions right so everything from business decisions to economic decisions and when i think of business i think of maybe you're a merger and acquisition company you're thinking about taking in smaller companies making your company larger it's an opportunity to think about should we start moving things to the cloud economic decisions are usually things like i don't want to go and spend money on a brand new server environment those are usually expensive so that then leads itself to should we move things into the cloud plus there's the people discussion do your engineers have enough skills to understand azure outright when we're thinking through the path of applications and in the cloud migration path we want to move from left to right as quickly as possible however and i'm imagining most of you understand this it's not a straightforward path to move from left to the right if we if it would we'd already be in the rebuilding serverless side of things right the first iteration is usually the hardest and that's the rehost prior to azure vmware solution all you had was is now you have azure vmware solution as another dedicated offering and that then helps you related to positioning yourself with an environment inside of azure it's not our first trip to the rodeo though right so if you're looking at azure all up we've got the native ios and pas offerings which allow you to modernize your apps you can think about business critical apps having azure become that dr spot for you and then you've got the scale and the ability to scale on a dynamic schedule within azure and then you've got the seamless integration so backup and disaster recovery you've got security and identity plus management and operations all of the different resources in kind of that bucket help you out with a hybrid approach related to consuming azure now when you're looking at the far right we have a number of different offerings now that show up here this is called our azure dedicated engineering team they are working on the sap dedicated offering the vmware offering skytap netapp and nutanix hopefully what you're seeing is that microsoft is investing pretty significantly to meet infrastructure admins and infrastructure engineers where they are i often feel we do a great job meeting developers where they are not necessarily the same well prior to all of this not necessarily the same and now you're seeing that shift in a good direction for customers that are looking to get out of a data center so azure vmware solution provides you bare metal dedicated nodes to you they're not logically separate and what this allows you to do is it allows you to have the right symmetry in terms of your on-premises environment and azure you can bring your existing applications and you have your familiar platform and then what that winds up becoming is it sort of streamlines the migration path of getting your vms out of your on-premises environment and all the way into azure vmware solution so azure vmware solution helps you accelerate your journey to cloud you've got the reliability and scale of azure that then helps you accelerate migration you're essentially vmotioning a server from on-premises into azure which seems a lot more straightforward than standing up as your migrate and leaning on azure set recovery underneath the hood this allows you to modernize program pragmatically i almost i want to say programmatically and pragmatically together but it allows you to modernize at a time that makes sense for you versus having to drink from the sometimes fire hose of azure right there's a number of different resources there's a lot of different things that engineers have to understand and move toward the the picking azure vmware solution helps you because it allows you to take those same skills and investments and sort of plug it into azure and then you know i'm part of microsoft so we always believe that your enterprise workloads run best on azure so azure vmware solution there's a number of different alignment towards business needs right so we're seeing a lot of different reasons why customers would choose this first things first the i.t expansion data center reduction or retirement that's probably the biggest area that customers realize the value of azure vmware solution from there you could think about having disaster recovery become the next sort of spot for you right the idea of high availability cloud bursting and disaster recovery azure vmware solution can be can help you in terms of your on-premises environment this also lends itself to the seated the speed and simplification of migration so having the ability to vmotion a server from on-premises all the way in azure vmware solution becomes an awesome reality for you if you're trying to think about getting your vms from on-premises all the way into azure and as we talked about that allows you to modernize your apps over time versus having to embrace is understand the different components of is and sort of pick apart the workloads figure out what could potentially go into paths what could potentially go into sas appease your developers right that's usually the next conversation point so you get a chance to modernize over time and then another opportunity for this would be desktop virtualization in the cloud so azure virtual desktop and azure vmware solution those types of things tend to be high discussion points related to a customer's adoption so running vmware natively on azure it blew my mind up a little bit thinking about this right you've got your on-premises data center you've got vcenter vsphere vsan and nsx you'll connect it into azure by way of an express route circuit that dark fiber connection into azure is important and then you build out a software defined data center or an sddc inside of azure and you get the same corresponding infrastructure so you get vcenter vsphere vsan nsx third party dr could be something like site recovery manager right and we consider that third party even though this is a first party offering so site recovery manager reached general availability in july of this year and you could plug that sort of solution into azure vmware solution and really leverage the power of disaster recovery and having your vms fail over into azure when the when the environment deploys it lives on bare metal nodes right those servers are your servers they're not logically separate those servers need to be connected into the microsoft azure backbone network and that happens by way of an expressroup circuit that automatically deploys with the service once your environment is connected into the azure backbone network you can start integrating into all of the great azure services so azure active directory storage azure monitor azure sql database all of the different security pieces right so sentinel security center artificial intelligence lab services really the sky's the limit and i often joke it's sort of like achievement unlocked getting your environment into azure it really is migration made easy though you've in the portal you will create and deploy the avs sddc environment you'll quickly connect that environment you'll utilize hcx that is the migration tool that's what essentially allows vmotion to go across your express route circuit and land all the way in azure vmware solution you can then visualize your vm resources in azure and you get to manage the environment with vsphere you can always go into the portal but you can still manage it with the same tools that you're used to in terms of on-premises workloads once you connect into azure you get the low-latency connection with expressroute you could also think about self-service at scale so a lot of customers might have an additional node that they're allocating towards their environment but they want to spin it up when they have heavier compute times and then remove that node sort of in an automated fashion and then you get to manage the environment with the same vmware tools right so vcenter power cli vrealize it's a really great reality because you're not having to embrace all of the azure services sort of out the gate you get it you get time to understand how that works and that then allows you to modernize your apps over time with azure services and you get uh security monitoring and you can think about monitoring those workloads with azure security center or azure sentinel both are really important it's not one or the other so you get a chance to start to see how your environment is performing once it lands in azure so we reached general availability with the current version back in september of last year and i think i'm remembering it right kova times are a little hard but i think it's september of 2020 this iteration of azure vmware solution reached general availability if you've been paying attention though to azure vmware solution the first go round reach general availability i want to say about a year prior and it's a different version you might have heard of cloud simple cloud simple didn't have as many regions hopefully what you're seeing in this slide here is that microsoft has invested in making this a global solution trying to reach you wherever you are so that you don't have to retool your skill sets as a first step to move into azure the one thing i'll make note of here is everything that shows up as planned shows up on our azure resources by region i think that's what it's called so if you were to google search that information these would show up as planned regions and just note that planned regions are always subject to change so don't plan for it think of it as it might go live but don't plan for it um just make sure that it fully reaches general availability we try to be as transparent as possible so if you were to deploy azure vmware solution right now this is the flavor of what you would get in terms of vser so you get the 6.7 update 3 flavor and the reason being is i think everybody that's familiar with vmware knows that 7.0 is current we are in the process of certifying testing doing this at scale so 6.7 update 3 allows us the flexibility to test go through certifications etc with vmware because even though it's a first party service it has to be certified by vmware so all of that's happening and we have to be able to provide the right environment for customers so we always sort of choose the n minus one flavor meaning 6.7 update three that also offers the most symmetry i see a lot of customers at that version or older versus 7.0 in terms of the hardware specifications on the right we have one sku right now it's the av 36 sku and when you look at these specific specs it should match up to what you would expect for a hyper-converged node the big piece is called at the bottom here right so there's a minimum of three nodes per vsphere cluster there's a maximum of 12 clusters per private cloud a maximum of 16 nodes per vsphere cluster and a maximum of 96 nodes to an azure private cloud instance if you can't rationalize that quickly just know we're prepared to handle big and large enterprise migration movements into azure so you get the familiar vmware technology right vsphere support you get the fully featured networking stack vsphere management vsan nsxt and you get hcx advanced in enterprise the difference is advance allows up to three site pairings into azure vmware solution so if you've got multiple environments three might be the right amount if you've got more than three you do need the hcx enterprise sku but that's an option and that supports up to 10 different site pairings and think of a site pairing as like an ipsec vpn tunnel but it does have to go over an express route circuit then you get the integration with azure right so the management and governance tools the security tools the low latency connectivity into azure you get the full azure ecosystem right the achievement unlocked then there's the single point of support you're not calling vmware and microsoft plus you get to integrate with devops tool chain so i see a lot of customers gravitating towards more automation is better and the idea of moving this environment 100 all the way into azure you're able to sort of integrate with all the right devops tooling to help with that automation momentum then you get the high performance cloud infrastructure you get the elastic infrastructure you can self service in terms of adding additional nodes these are dedicated isolated bare metal nodes and then you've got redundancy and placement control plus security and encryption and that's the security and encryption that's inherent with vmware stack as well as azure stack so it's sort of the best of all of the worlds if you're thinking about the solution for your environment note that reserved instances can be applied so you can apply the one year or the three year that will save you in between 30 and 50 of the cost of running that environment for you so and then you're not paying for individual vms that are in that environment right so in the ies land you're paying for a vm um you're you know you've got you see like discs show up you see a nick show up right all of these vms that live on azure vmware solution you're seeing them in the portal a bit differently and you're charged just for azure vmware solution you can think about leaning on your azure hybrid use benefit licensing so you can bring your windows server and sql server on-premises licenses to azure vmware solution so that's kind of a cool reality and then the free security uh updates right so you get the extended security updates for 2008 2008 r2 both on the server and sql flavors as well as i believe the same thing is going to exist or already exists for 2012 2012 r2 both windows and sql server flavors so let's talk a little bit about what the deployment looks like because i think a lot of folks are curious now right i've started to sort of talk through the business proposition talk about the background and just sort of introducing the service so it's as simple as you know you're going to deploy a private cloud in azure you'll create a virtualized v-net you'll create an azure bastion and a jump host right you could also have a jump post with a public ip that is just in time enabled it really doesn't matter but you probably don't want to have a vm with a public ip that anybody could access the v-net itself needs a gateway subnet and then what winds up getting created you can either choose the automation that is built into the azure offering now or you can add it in manually you need a v-net gateway then you'll create an auth key to be used in the v-net gateway so remember you've got that express wrap circuit that needs to be connected into your v-net so that's what i'm talking about here that auth key for the v-net gateway for the express route circuit to be peered into the azure v-net and then you'll connect the abs express route to the v-net gateway then you'll connect to the jump host behind the azure bastion service so you'll connect to vcenter you'll connect to the nsxt environment and then the big piece here is you'll enable global reach so remember how i talked about how you need an express route circuit on premises as well the only way to route traffic between two different express route circuits is by enabling global reach so you'll enable global reach for the on-premises access and then you'll go through the notion of joining a domain and configuring the identity source so this this environment is somewhat in between i as in paths the big piece here is when you join the domain and you configure the identity source you'll need to open up a ticket with microsoft support because you don't have access to the esxi hosts let's talk about the network architecture next because i think this is the most difficult area right it's fairly straightforward to deploy but you want to make sure that your network can handle all of the traffic routing correctly so there's two different flavors of interconnectivity this is basic interconnectivity and what you're looking at here is the network connectivity only really works in the azure environment there's no hybrid connection meaning there's no ipsec vpn tunnel there's no express route circuit so this is what gets deployed by default you'll deploy the azure vmware solution environment you'll provide a slash 22 a minimum of a slash 22 sider network address block it can be larger if you want it to be larger it is the management network though that's only used for azure vmware solution then you'll connect that express route circuit into an azure vnet and that sorts to that starts to unlock the capability of being able to use a lot of different azure services the model that most customers deploy though is the full interconnectivity model where you've got your express route circuit peered into an azure v-net then you've got your express route from abs peered into the same azure v-net and then you'll enable global reach to route traffic between those two express route circuits so you can migrate a vm from all the way on-premises all the way into azure vmware solution the big piece here is all of the cider address blocks that i've talked about nothing really should overlap there is one ever so slight caveat here so if you only need site-to-site connectivity you're not planning on migrating a vm or you're doing some pre-express rep testing you could also establish a site-to-site vpn with an azure vmwan hub and then you could route traffic between on-premises and azure vmware solution the big caveat here the why that the why that there's like that asterisk at the top if you need vmware's backed sla you need to have that migration path happen over an express route circuit so that's why i mentioned if you don't need to migrate your vms if you just need hybrid access or if you're trying to test what that looks like end to end you've got some non-production vms you could always spin up this environment as a way to sort of test access connect test connectivity make sure everything feasibly works but when it comes time to migrate your production workloads you'll want to make sure you have that express route circuit which then brings us to migration so these are sort of the steps right you'll want to make sure you assess the environment you can assess it now with azure migrate that then helps you identify the workloads to migrate so once you have a handle on the workloads you're migrating in sort of the order you can define the migration approach using hcx now hcx just like vmotion if you're living in the on-premises land it can handle live vmotion bulk vmotion and cold vmotion live is probably the most coveted because you don't have downtime the way you would with bulk or cold you can get a change window usually you'll have your your bulk migration show up maybe over a weekend and cold migration usually has those dev machines that may be on may not be on but just know that you've got flexibility here related to the migration approach that then helps you identify steps to full production right so once you have this plan built out you can start to build out that proof of concept where you're standing up the sddc you're connecting it to everything and you're able to start moving a few vms using the preferred migration type once you feel confident that you've got everything handled that's when you transition to production this is where you're doing the at scale migration and adoption this is where you're vacating your data center very quickly we have opportunities to help we've got microsoft fast track and they're ready to go they're ready to help you out as well as we've got quite a number of partners in the ecosystem that have to self-certify each year in order to be able to handle azure vmware solution migrations for customers so those are two opportunities to add additional help especially if you are like a lot of companies where your engineers are sort of fighting i t fires they're documenting the environment they're answering help desk calls right so there's a lot of different caps that it folks have to sort of wear and if that matches up to your environment know that we've got some opportunities to help so at the ignite time frame this year so back in march the azure migrate solution reach general availability for an azure vmware solution assessment and so it's just like your migration hubs for is vdi databases etc you now have capacity to see what it would look like if you ran your environment using azure vmware solution so that's kind of a cool reality and you get the same reporting functionality you get the same dashboarding functionality that you would if it was an is environment so remember how i mentioned hcx is the tool that you're using so this allows for the large bulk scale migration so if you can get an awesome change window you can move 50 servers 100 servers hcx will help on that front it helps with that replicated assisted vmotion right so that that sort of makes the process seem more seamless then it can also support any vsphere to vsphere migration so if you wanted to think about using hcx and you had multiple environments you could use hcx to help migrate those servers from different environments so if you had an office in new york in an office in la you could use hcx to vmotion those servers between those different environments the hcx components that's what helps you with establishing site pairing think of that like an ipsec vpn tunnel there's minimal disaster recovery functionality using hcx but it's not the de facto tool that vmware talks about the dr tool for vmware is site recovery manager but if you didn't have a license you could work with microsoft and vmware and maybe the partner to come up with the right solution for you if you wanted to lean on hcx hcxl i think this is the coolest part it allows for parallel vm migration threads so that speeds up the process quite a bit now remember how i said you want to make sure that all the networks involved with migration don't have overlapping ips well let's say your ips on prem your bm's on prem had to have the same ip address inside of azure hcx allows you to sort of stretch that layer 2 network so hopefully i didn't cause anybody to have anxiety if they were network admins this is not as painful as it might seem it's more so to help you get your environment from off pre off the on-premises world and on into azure and then it offers up a secure proxy for vmotion and replication traffic as well so let's talk about management and operations next so i think folks may have seen something similar where azure's at the center you could just replace azure with azure vmware solution and you get the same look and feel related to what operations looks like once everything lives in azure so you get the ability to secure workloads the same way that you would in if it was regular is so you have nsxt that can secure the workloads that's the networking layer you've got security center sentinel and seam integration and then there's microsoft defender and threat protection that you can add into the mix as well as you can lean on all the great identity tooling that help you maintain security for your environment in terms of protection you've got backup using microsoft azure backup server if you don't want to use that service you can use the third party service as well so commvault veeam veritas i'm probably missing one uh rubric i think cohesity are all of the major vendors more coming online so if none of those vendors match up to what you're using talk to your backup vendor and see what the trajectory is like for them to be able to support azure vmware solution environments now there's dr with set recovery manager as well as azure site recovery if you didn't want to deal with the site recovery manager license you could spin up azure site recovery as well you can expand what you're doing with azure monitor so that provides app monitoring as well as infrastructure and network monitoring right so you've got log analytics diagnostics azure monitor does a lot and you can think on think about using the same tooling once your azure vmware solution environment lives inside of azure in terms of configuration management you could easily enable update management without having to bring sccm into azure or wsus nobody really likes to do that i don't think so the idea of lending on a pass service to do that helps you just enable an azure automation account and once you enable that azure automation account you can start bringing out uh dsc into the environment right configuration management so that's kind of a cool reality once your environment lives closer to the arm apis i think the biggest piece though and this is the area where a lot of customers are finding this to be an enjoyable reality is they have an opportunity to govern their environment where they may not have had that opportunity when their workloads lived on premises so you've got policy management cost management the azure advisor as well as service health so there's great tooling that integrates with azure vmware solution that you wouldn't necessarily have if your environment lived on premises so you've got the familiar and consistent vmware tools and technology so you get to create operational consistency for admins as you continue to use vmware for resources running on azure infrastructure including the vsphere client and nsxt manager and then you've got access to vsphere hcx and nsxt that's all enabled during the private cloud deployment actually htx is now an add-on but it's something that if you are migrating vms it's straightforward to add it on the credentials are registered in azure to connect to the private cloud cluster hosts which is awesome you're not having to input a password you're not having to change that password over time then there's the seamless management for azure infrastructure resources so you can scale to the needs of your business as you require it inside the portal so it's as straightforward as going into the portal going into the cluster environment clicking on the ellipses editing and adding the additional node in about 25 minutes you have an additional node in your environment so you get to add those nodes in related to peak times so you get the compute and the storage you get to delete those nodes seasonally when the infrastructure demands are lower so if you run a lot of month-end reporting something of that sort maybe the you're a retail customer and your holiday season is just crazy you could always scale up and then delete those nodes when you're done for the season the math is called out again here so the minimum of three notes per cluster maximum of 16 nodes in a vsphere cluster and then a maximum of 96 nodes to an azure private cloud instance i think a lot of folks have probably seen the shared responsibility matrix for ispas and sas this is the azure vmware solution flavor so if you're looking at this hopefully you're realizing that microsoft is on the hook for quite a bit in terms of the infrastructure microsoft's on the hook to patch the esxi hosts to upgrade the esxi hosts they're on the hook for hardware failures that love stuff they always love to fail at like 2 a.m so you're not getting the pages the crazy emails that's microsoft this then frees you up to focus on things that are most innovative to your company so configuration management lifecycle management you still get to access the guest os's and you still get to provision things you can start to think about maybe getting some of those older os's out of the environment and moving applications onto newer windows server os's for example so i've talked a little bit about the deployment i like this slide because it sort of hits home but there's a lot happening in the azure side of things you've got your abs private cloud that's peer gear azure v-net you've got your on-premises environment that's connected via express route you've got global reach enabled and you're really accessing the environment via the azure resource manager portal you can also access it via the powershell command library the azcli environment as well as arm templates terraform templates and bicep so you can think about automating the environment but i like this because you're not having to deploy all the infrastructure pieces that you would if you were running this environment on premises that's all happening by way of automation and then microsoft managing the environment for you so in the portal you're managing the environment underneath the manage section and the workload networking so the manage is everything from connectivity to identity to the clusters right so there's add-ons as well and the add-ons right now our site recovery manager and hcx the identity will display the ip address that you're able to access the environment from a jump host and then the cloud admin the cloud admin at vsphere.local account is very similar to the administrator at vsphere.local account with the slight caveat being you don't control the esxi hosts so that's why it's called cloud admin versus administrator the workload networking section on the the portal showcases the simplified nsx interface that microsoft has built out so a lot of customers didn't move toward nsx as their software-defined networking layer they may have had a lot of different networking components that were actual physical hardware so as a result there's sort of a mixed bag related to nsx skills and this is an opportunity for somebody to embrace nsx without having to know all the right spots to go to inside the nsx console and configure it that way so the vsphere admin uses cloud admin at bsfor.local and it looks just like vsphere on premises you know it's in azure though because you see the west us.abs.azure.com so you can't quite tell your engineers that everything lives on premises right they'll eventually figure out it's in azure and then abs uses hcx for that hybrid lift and shift and all of that shows up inside the hcx area within b center so let's talk about some integrations because i do feel like this is the story that most customers are excited about it's always hard to integrate with some of the services if your environment lives on premises so these are the popular azure vmware solution integrations at the present time so there's azure netapp files for a file share it's a file share not a data store so if you needed to add additional storage capacity on a vm you could expose that as a file share there's azure the ability to use azure blob storage and iscsi disk tools so the blob storage can be used for something like content libraries so if you templatize your vms you can place it on blob storage and the iscsi disk tools allows you to expand your storage footprint into an azure is vm that's currently in public preview then there's the azure traffic manager and application gateway component so if you needed to think about high availability and distributing your web servers over multiple nodes you could think about leaning on those two which is hard to do if your environment lives on premises there's support for hub and spoke so if you already have an environment and most customers have something in azure these days it's very rare that we'll see a customer have nothing and let's say you've started to build out everything with the cloud adoption framework in mind azure vmware solution can be plugged into that hub and spoke topology then there's the integration into the microsoft azure backup server or any of the third-party backups i had talked about three backup vendors i had talked about then there's the azure monitor integration and the azure security center as well as azure sentinel integration so these are some of the really popular integrations that customers are moving towards and i'm sure this list will continue to expand because i like visuals and i'm assuming you do too this is really powerful when you think about it you've got your azure vm resolution software defined data center you've got your two vms that have been enabled with azure defender and you can connect all of this to a log analytics workspace that's the secret sauce right connecting something to a log analytics workspace because that allows you to onboard azure automation that allows you to onboard azure update management that allows you to onboard azure security center azure sentinel and then you get a chance to sort of expose the azure monitor logs through log analytics as well so if you're looking at this and you're thinking gosh this looks really cool believe me it is because some of this is hard to do when your environment lives on premises there's a lot of additional steps you have to think about and networking configurations you have to factor in so your on-premises environment can access azure without any sort of hiccup so in terms of support i think this is a big one i like to call this out quite a bit microsoft support is your single point of contact you aren't having to open up two separate tickets and manage both troubleshooting through microsoft and vmware so microsoft will focus on the azure components they will fully validate what's going on in that environment once they realize or determine that it doesn't have anything to do with azure they will engage vmware to dig deeper and then microsoft continues to be that central point to toward resolution so remember you know it's built with vmware vmware certifies this but it's delivered by microsoft as a first party service oftentimes i get asked for resources so right now there's a hands-on lab and i think this screenshot needs to be updated because i think it's changed ever so slightly there's a couple of additional labs now that show up on this landing page and if you're familiar with vmware's click through guided tutorials the same thing now exists for azure vmware solution where you can deploy the environment and you can you can think about connectivity and then you can think about building out hcx before migrating vm workloads and you just have to ena uh you have to register with vmware and then it's like a timed lab i believe it's 90 minutes and then if you somehow run out of time you can go back and you can enable the lab again just you know don't be worried that 90 minutes you're done no you can always go back and re-enable the lab again microsoft has a microsoft learn path as well and it's three modules at the present time so the first module is the introduction into azure vmware solution the second module is deployment and configuration which also deals with all the prerequisites and planning and then the third module is the migration module how do you stand up hcx how do you plan for it how do you migrate a vm from on-premises all the way into azure vmware solution and the cool part is i authored two of those three learn paths so if you like what you go through and you learn rate it or if you would like to see something be covered a little bit differently or maybe something doesn't make sense feel free to reach out because i do encourage folks to provide feedback across a number of different avenues these are also great resources as well so the overview right so that's the landing page for azure vmware solution then there's the abs documentation and the documentation now there's a couple of different sections that i like there's the tutorial right so if you are trying to figure out how to set it up get it up and functional how to integrate with different services that now shows up in the tutorials and then there's like a four section stand it up plan for it build it deploy it that's also helpful these this documentation continues to get updated pretty regularly so i like to mention to keep that url handy the azure vmware solution videos so this links to a youtube playlist that one of our global black belts updates pretty regularly so if you are curious to see some of the work that the global black belts work on and you're curious to see some of the demos the real time demos that's another spot to go to vmware ports and protocols so if you're not familiar with the networking sides of vmware that's a great link to keep you want to make sure that you understand the ports and protocols because there's a lot to pay attention to if you're standing up hcx and connecting it into azure vmware solution then the hcx documentation that's a great spot to go dig into more info what's interesting is our documentation leans on the hdx documentation so if you go into the azure vmware solution documentation and you see the hcx components eventually you'll start to see links into vmware's documentation so it's interesting to see that because i think it's the only product where we link to a third party vendor like that i could be wrong but that's what it feels like to me then there's the release notes so we update hcx fairly regularly and the release notes might be relevant for you to read over time just because of the fact you might want to know something maybe a network port changes maybe you have to factor in something else related to your firewall on premises so keeping that link is is important as well and i should follow up with the folks that are running cloud lunch and learn i should make sure that this deck is available and if it's not i'll put it on github or something and i just connect with me and i will tweet about it or post about it on linkedin after the session and then the azure migrate documentation right so i'm linking to the entire side of the azure migrate section and the reason being is azure migrate can do so much more than just regular is migration assessments you now can think about leaning on vdi your database right so your your database data platform assessment web app and azure vmware solution along with is so you get quite a bit of functionality now with azure migrate it's sort of our multi-pronged swiss army knife tool so let's go through a demo here and let me take a look at the time okay so we're doing good on time because i think what i want to do is i want to make sure that i have enough time to answer a lot of questions i'm sure there are plenty so i want to try and make sure that i've got about 10 minutes or so to answer questions so this is a pre-recorded video and the reason being is the deployment does take a number of hours to complete rather than keep you here and show you how boring it is to set it up because it's literally a lot of automation that's happening on the back end i thought i'd speed it up and show you how easy it is to get it started so you're going to look for the azure vmware solution environment or the azure vmware solution resource and it's as simple as clicking on create at the top so once you click on create you're prompted with the first screen and let's say you didn't read the documentation link let's say you started in on this you didn't read any documentation this will take you to all the prereqs that need to be met and the big pieces are you need to be an enterprise agreement customer or a cloud solution provider customer and you need a valid non-overlapping cider address block and the minimum of slash 22 is important here it could be bigger if you want to be from here it's tied to the right subscription tying it to the right resource group providing a resource name tying it to the specific region now there's only one sku right now so av 36 i suspect that will change and then it's typing in the address block so i pick 10.5.0.0.22 now you can also add tags so so many customers are doing this right now this is a resource you can apply a tag to so i apply the name i apply the value and this will show up in the portal once it's deployed and then you'll click on review and create and i don't know if you're like me but that's so much more straightforward than building this out on premises so once the validation happens you'll get a readout of everything you configured so let's say you misspelled something right it's as simple as clicking on previous and correcting it but i always recommend to check it before you hit create because again you're going to be waiting for a number of hours and then a number of automations are running in the back end to provision vcenter vsan making sure that nsx works and like i said it takes three and a half to four hours once that deploys you can go to the resource it looks just like every other azure resource let's be honest right so you go in there and on the landing page you see there's a lot of great like getting started tutorials at the bottom you'll know it succeeded because you see the status showing up as succeeded so that's and while it's building it says building so if it shows up as failed or whatever you can go and troubleshoot next we need to connect this environment to the express route circuit that mod of getting provisioned with the resource and this is a newer feature this is the automation i was talking about so click you'll click on and you'll select the virtual network so in this instance that virtual network needs to have a gateway subnet and then what you'll do is you'll hit save at the top this will kick off a lot of different automations meaning it's going to kick off the connection the v-neck gateway etc and it will automatically appear everything so you want to go back to the resource once that's done and again i sped that up too that's about 20 to 30 minutes you'll click on connectivity you'll go to express route and you see that er dash auth dash key that was generated by way of clicking on save when you were linking the avs environment to your azure v-net with a gateway subnet and so some of the automation will also spin up the express route gateway as the sku and you don't have to do that manually you you can right but i like this simplified approach because so many customers aren't as familiar with all the different moving pieces of express route so that takes us to the end of what i had prepped to talk about so i think now would be a good time to start taking some of the questions uh hi shannon yeah that's great presentation my goodness i remember from my time when i used to work with vmware it was like complex enough for you to get the storage right to get you know the cluster to get everything and now all these kind of challenging work is done by microsoft that's really it sounds great yeah so it makes your uh what makes probably those days the the scars that you you know we all wear now proudly feel a little bit better right things got easier yeah true actually yeah exactly uh okay i think you explained so well we don't have too many questions the guys managed to to understand i have two here uh one of them is um just a second let me double check oh yeah here from ansel um what if i need to migrate but express root is not available in my region but if you could kind of give a bit of information on that sure so um what i would do is i would look at so you can always migrate your non-production workloads using the site to site vpn with the vuan hub so i would think in that scenario you could probably set up a migration thread and you could migrate it all the way into azure vmware solution you could also think about using a backup and restore capability so veeam veeam's a really great vendor and i know that there's a couple of customers who have done this because they can't think about express route the way that you know vmware would want you to so they are backing things up on-prem or they're sorry they're backing things up from on-premises into azure and then they're restoring onto azure vmware solution so that might be an option as well um and i believe commvault would have something veritas would too i just know that there is a customer where they had some weird networking nuances and they had to think about a different approach to get their production workloads into azure okay great yeah and then uh not a technical question from danilo uh he's looking from where he could get those links you presented a few slides ago yeah so um what i should do is i should send this this deck over to you i don't know do you publish these decks do you know oh yeah we we can we could add those links into the in the youtube recording i believe yeah here let's do this yeah you'll send me later and then i can organize make sure i will definitely yeah because each one of these is so different right like you do a specific way um every everybody does things very differently so sometimes i wind up sending the powerpoint deck to whatever group is is you know or whatever but yeah i can definitely send you all those links uh yeah send to us because now especially for the guys who are registering uh for for the session then we can do a follow-up later yeah no problem perfect perfect okay great yeah uh what else um okay let me just add the my code here again okay for those who hasn't registered yet if you could register and as i promised let me just post here the link for the free voucher okay thanks very much again for everybody joining uh this session and then to be honest we just need your name your email address and then later on we will do a follow-up and make sure you can get you know a voucher to do whatever the microsoft exam you want um do you have anything else to add shannon i think for me is kind of okay great great session yeah i i think um you know connect with me on linkedin and twitter we are doing really interesting stuff related to some of the integrations so i have additional demos that i've cut vmworld's next week so vmworld you can register for it is 100 free and it's digital because we're still in the times of covet unfortunately what you can think about doing is taking a look at our landing page so there are three demos that are going to show up there it's going to be the demo they just showed but then it's going to be adding azure arc as well as enabling certain services like log analytics azure update management azure policy so i think folks are really excited to see some of those videos and i chose not to showcase them here because we're still kind of getting folks indoctrinated into what the service will do but if you want to see some more after this session definitely register for vmworld i can even um send you the link if that makes sense jackson to register yes please then we can follow up with all the guys yeah and it's next tuesday and wednesday and it's just like ignite meaning there are going to be europe sessions asia sessions and american sessions or america's sections sessions i should say so you've got capacity to hopefully check a lot of things out and i think they're doing some replays too so the keynotes that you might be asleep for you could watch at the time that makes sense for you in terms of your time zone so i can definitely send that link as part of that as well and um it's it's a great opportunity to especially if you're familiar with vmware it's a great opportunity to see what vmware's doing and um they're like a lot of cus companies out there right they're sort of reinventing themselves as part of this as well they've got a major uh vmware offering and all of the clouds right now i think so there's definitely one in gcp ibm oracle aws and azure i'm imagining at some point there's going to be more cloud offerings and possibly an opportunity for vmware to go into those as well so okay okay uh thanks so much again uh shannon for spending this last hour here with us and hopefully we will see you again and please let's agree send everything you have the links the vulture whatever and then i can share with our community here okay and then for the guys watching us now uh hopefully you can connect us again next wednesday uh i will be presenting all about zero trust and the main focus is going to be how to protect endpoints okay kind of hot subjects in these days okay thanks very much for for everybody watching us and hopefully i will see you again okay thanks everybody thanks everyone
Info
Channel: Cloud Lunch and Learn
Views: 178
Rating: undefined out of 5
Keywords:
Id: Pa92cqMno0A
Channel Id: undefined
Length: 54min 22sec (3262 seconds)
Published: Wed Sep 29 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.