On the--SCAC of the docking device in Microsoft Cloud

I'll talk to you today. A component in Microsoft System Center, System Center APP Controlller

A lot of friends in the Microsoft Private cloud, may be more or less come into contact with this product, most people like to call it SCAC, in fact, I like to call it, SCAC in the Microsoft Private cloud, the main role of four words can be summed up: "Self-help portal", I think most people, also understand this component.

We have integrated data center computing, storage, and networking through SCVMM in the background, forming a resource pool of private clouds, consolidating heterogeneous virtualization in the data center through VMM, clustering and non-clustered hosts, and creating many service templates through SCVMM deploy. After completing these preparations, we created a "cloud" in VMM that integrates the pooling of the resources we had previously done into the cloud, and then assigned different delegated administrators, read-only Administrators, self-service users, and assigned different operational permissions and resource permissions for the private cloud.

Ok, after doing all this, then the question comes, if we let the user go to the cloud? Install an SCVMM console on each user machine? Obviously this program is not good, not only trouble, and the console too much will consume the performance of the server, so we think, there is a simple and convenient way to allow users to access our cloud? This is also an important feature of testing an enterprise cloud computing implementation, "how end users interact with the cloud", if you do a set of cloud computing, but if users feel very troublesome access, users do not want to use, then your cloud architecture is a failure, even if your bottom resource pooling to do how good is no use.

Microsoft provides a solution for resource access to private cloud, which is SCAC, which helps administrators to manage a unified portal while managing the enterprise's private cloud, Windows Azure public Cloud, and other partner's SPF Cloud to help users in a self-service portal , through a very convenient way to access the cloud, the user can perform a virtual machine connection shutdown Restart in the SCAC portal interface, the user only need to select the type of virtual machine that needs to be deployed, fill in the machine name, background SCAC will automatically drop the tenant's request to SCVMM, then SCVMM will be in the background according to the template, Quickly create virtual machines, correlate network virtualization, and later virtual machines are automatically created, and tenants can use them.

In the Microsoft Private cloud, in addition to enabling users to deploy virtual machines in the self-service portal, they can also support the deployment of "services" in a private cloud, and one might ask, "Do you mean the service that the computer is running on?" NoNoNo, this service is non-service, I say this service, strictly speaking, it belongs to the virtual machine above the layer of architecture, how to say? In a nutshell, we can put a lot of Sysprep virtual machine templates together, become a template, and then deploy a template, will automatically create all the associated virtual machines, for example, the company has a set of Web applications, the application through the database layer, the middleware layer, The front-end Web layer is built with two machines, each of which is comprised of a single layer.

In this case, how do you deploy it quickly in a private cloud? This time cloud services come in handy, we can design a service template in SCVMM, a service template, can include multiple tiers, such as we deploy a typical three-tier architecture, can be in the service template production, unified three-tier virtual machine template, server hardware configuration, computer configuration, load Balancing configuration , are configured, and then packaged into a service template, so that users on the self-service portal, just click to create the services template to the cloud, will automatically help the tenant to create the application needs, all the layers inside the virtual machine. It also automatically helps tenants to configure the machine name, IP address, and so on. If you want to go deeper, you can also create a SQL template in the cloud service template by installing SQL image, and then integrate it into the database tier virtual machine so that when the tenant deploys the cloud service, it automatically installs a SQL on the deployed database-tier machine. Minimizing the amount of end-user configuration, including IIS, applications, different role functions, can be done in the private cloud this "advanced image Installation" will make a good IIS deploy package, Server App-V applications, VS applications, integrated into the virtual machine, realize out-of-the-box.

Tenants follow the request or assigned accounts, log in to the SCAC self-service interface, you can see their own cloud resources, hardware resources, library templates, only by clicking on the choice, enter a personalized name, you can quickly deploy a virtual machine, or a cloud service, The above is the Microsoft Private cloud in SCAC, for virtual machine resource access, cloud access, end user experience.

After the introduction, SCAC for the end user experience, then I come to talk with you, SCAC for administrators, application developers, as well as some of the features of advanced users, is also the most I want to talk with you part.

As I've told you before, SCAC not only manages the SCVMM private cloud within the enterprise, but also manages Windows AZURE,SCAC to manage Azure, but it's not really a hassle, it just requires you to plan your network and firewall connections. Create a self-signed certificate on SCAC, export the certificate with the private key again, leave it on SCAC local, export the certificate without the private key, the certificate without the private key, upload to the International Azure certificate settings, record the subscription ID of the certificate, and then go back to SCAC, add the Windows Azure Subscription, enter the subscription ID for Azure, select the certificate with the private key, enter the password for the certificate, and then add the success, in fact this Windows Azure subscription, really stored in the back end of the SCVMM,SCAC is just a Web presentation. Once you've added your Azure subscription, the fun is just beginning.

At this time, our SCAC management of the local private cloud, as well as the public cloud of Azure, SCAC can show its cross-cloud platform management capabilities. We can view the private cloud, the service template in the public cloud, the running state of the virtual machine in the SCAC self-Service portal, control the creation of services in the Azure cloud, control the creation of services in the local private cloud, Local service templates, virtual machine templates, IIS templates, and "copy" through the SCAC portal interface. Paste, upload the service template to the public cloud, just copy and paste. We can also do the scaling and shrinking of public and private cloud services in SCAC, so what is scale-out? This is what we'll see when we design the service template, for example, for a Web tier where we currently have two virtual machines, but we have the scale-out feature enabled, so that if one day the application administrator feels that my Web tier is running out of performance, I need to add a second server. Then the application administrator only needs to click on the SCAC interface for the service template to scale horizontally, the service template will automatically extend the virtual machine in the layer to the right, if the contraction, only need to enter the shrinking virtual machine number, will automatically reduce the specified virtual machine.

In the SCAC self-Service portal, we support cross-cloud platform management for private cloud public cloud, with the following features, support for private cloud public cloud, service deployment across cloud platforms, virtual machine deployment across cloud platforms, support for uploading download service templates in private cloud public cloud, virtual machines in a copy-paste manner, Manage scale-out and scale operations for service templates in a private cloud public cloud.

We know that SCAC can be unified for public cloud private cloud management, then for the hybrid cloud? What about support for third-party hosting providers that are not Microsoft? The answer is also supported, SCAC support other cloud with SPF provider, because SCAC to the unified cloud Platform management, is to use the SPF Web API to invoke SPF, or the use of Public key certificate to do the validation. If the cloud does not support the SPF provider, then SCAC is not callable, which is typically the AWS Cloud, SCAC supports the management of the Amazon cloud, but the underlying first needs to be on the SCVMM server, Install an Amazon for SCVMM to provide a add-in plug-in program, after installing the plug-in program, the plug-in will be integrated into the local SCVMM, and then through a simple configuration to help us connect to the public network of the AWS Cloud, connected to the SCVMM server, you can Seeing instances of all Windows EC2 in AWS, you can manage virtual machines in AWS in VMM, you can perform basic operations such as open-machine, RDP-Connect, monitor data in EC2, and after an SPF link configuration, we can also see instances of the AWS Cloud in the SCAC interface, Just as "other SPF provider" as the management, before, I had thought through SCAC, can not unified management OpenStack, later consulted several LIUNX experts, has been fruitless, of course, if you are a master of the rest api,web API developer, You can design a cloud of your own, and then take out the SPF Web API in the cloud, to the SCAC or Windows Azure Pack, as far as I know, the third-party hosting provider that supports Microsoft Cloud Unified management, only Amazon, and Sanbolic distributed data storage. If you know other third-party hosting providers that support Microsoft Cloud Management, you can tell me, thank you.

So, what about the SCAC cross-cloud platform management, and what are the application scenarios? In one of the projects I've worked on, it's a large state-owned company that has a production environment and a test environment that is almost identical to the production environment. They deployed SCVMM in the production environment and test environment, the production environment SCVMM is installed in the cluster, also in the test environment to deploy an SCVMM, and then add the production and testing of the VMM server in SCAC, before deploying a set of applications, they first in the test environment, Just do a service template, then deploy it in a test environment, test to verify that there is no problem with the deployment, and then, in the SCAC portal, copy and paste the service template from the test environment to the production server's library share, and then deploy the service template on the production server. After successful deployment, delete the original test environment service, through such a process, you can ensure that the deployment to the production environment of the service template is normally available, to meet the requirements, there are other scenarios, for example, according to different departments, the deployment of different VMM servers, and then unified through SCAC management.

The above is what I want to say, SCAC this product, you can see, in addition to provide self-service interface for end users, more core is it can also be in a centralized SCAC portal, help us to connect to multiple private clouds, public cloud, and other cloud providers, Then in the SCAC simple and convenient management of cross-cloud platform, so we must not think that SCAC only for the enterprise private cloud in the VMM, to do a front-end self-Service portal, then you are wrong, hey.

SCAC experienced the initial SSP, and now the latest SCAC2012R2, improved a lot, provide more and more perfect function, but there are still some shortcomings, for example, do not support users in the self-service portal, input virtual machine memory, CPU, disk, only by selecting the type of virtual machine, For example, some people think its interface is not beautiful enough, of course, if the enterprise has front-end design developers, can completely redefine the SCAC interface. Each product has its advantages and disadvantages, but I want to scac this product, in the Microsoft Cloud Computing architecture, is also an essential link, especially in its hybrid cloud, cross-cloud platform management applications.

Finally, I'd like to talk to you about two ways to service templates in a private cloud.

• Image-based service template updates

• Domain-based service template updates

First, an image-based service template update, for example, a developer deploys a service template with 20 VMs in NLB, a SQL configuration template, and an IIS configuration, and suddenly the developer and you say, Hi, I want to install one more application per virtual machine, is there any quick way? At this time, if we have a bad relationship with the developer, you can tell it, there is no way, you have a set of it! But in fact we can not do this, we can take an image-based service template update to quickly solve this problem, assuming that this set of 20 virtual machines with a 2008r2 VHD VM template, then we can put this VHD template in VMM to simulate the deployment once, after deployment, We have the developer say the application installed in this newly deployed virtual machine, after the installation, we again on this virtual machine template production, done, we will get a new, after the Sysprep VHD virtual machine template, and then we in the service template design interface will this virtual machine template, Replace the virtual machine template for the old, non-installed application. At this point, the service template will automatically update the application, automatically associate the Sql,iis configuration for the new VHD, and the Virtual Machine service template will be updated as soon as possible, so that we have an operation that will update 20 virtual machines.

Second, the domain-based service template update, or the above example, except this time the service template is managed by the Information Security Department and the development department, this day information security personnel said that three days after the batch of 5 virtual machine memory needs to be upgraded to do the stress test, and then the developer said, 7 days later, To update App-V configurations that publish several of these servers. This time the administrator can use this domain-based service template update in a way that assumes the existing service template, Version is 1.1, then we can copy out the base of 1.2, and then in the 1.2 service template, for information security requirements, adjust, adjusted, save the template, rename, then publish the template, release completed, three days after the information security personnel in the VMM console or SCAC interface, you can see, "Current service templates, updates available" after clicking on the update, VMM will be in the background, with "minimal downtime" to help us update the service template, after the update is complete, and back online. The Information security personnel update is complete. Then we copy the 1.1 template in the same way, then rename it to 1.3, in the 1.3 service template, replace the app-V profile that the developer needs, replace the release template 1.3 after completion, and after 7 days, the developer logs into the VMM console or SCAC, You will see the current service template has available updates, select the template that needs to be updated, select 1.3, the service template with the same "minimum downtime" update mode, to update the service template, updated, developers can use the latest application, domain-based service template updates and Image-based service template update, the biggest difference is that the former can be selected by the user, need to update to the version, and with automatic coordination Service update "minimum Downtime"

This article is from "a Stubborn island" blog, please be sure to keep this source http://wzde2012.blog.51cto.com/6474289/1585047

On the--SCAC of the docking device in Microsoft Cloud