MGT 326 Enabling Hosted IaaS Clouds for Service Providers Using Microsoft System Center 2012 SP1 with Windows Server 2012. Marc Umeno, Eric Winner, Microsoft Corporation
Service Templates Application Deployment Custom Command Execution Image-based Servicing Application Owner Usage Capacity and Capability Delegation and Quota Services Clouds Server Lifecycle Management Multiple Hypervisors Network Management Storage Management Dynamic Optimization HA VMM Server PowerShell Upgrade Custom Properties Fabric Infrastructure
Tenant Administrator VM Network Isolation Service Deployment UI Add-ins Service Templates Server Hardware Providers Load Balancer Providers Storage automation Multi-tenancy Partner Enablement Large VMs Live Migration Enhancements Network Virtualization Storage Management Increase Scale Increase Performance Decrease Latency Windows Server 2012 Perf and Scale
Configure the fabric (servers, network, storage) Create a cloud from the fabric Delegate the cloud to a Self Service User creates VMs and Services in the cloud
Cloud Consumer View Capacity Capabilities Libraries Logical Networks Load Balancers Storage Classifications Storage Capacity Hosts Clusters Library Servers IP Address Pools MAC Address Pools Storage Providers Storage Arrays
VMM Admin Fabric Administrator Delegated Admin Scope: Entire system Can take any action Fabric Administrator Scope: Host groups and clouds Configure fabric (hosts, networking and storage) Create cloud on fabric Assign cloud Tenant Administrator Tenant Scope: Clouds only Author VM Networks Assign cloud All other SSU settings Self-Service User Application Owner Scope: Clouds only Author templates Deploy/manage VMs and Services Share resources Revocable actions Quota as a shared and per-user limit Read-only Administrator Help Desk Scope: Host groups and clouds, No actions
Fabric Admin App Admin Templates Virtual Machine Service Virtual Machine Cloud Library Paths Quota Capacity Library Servers • Shares Host groups Clusters • Nodes Hosts SC 2012 VMM Logical Networks Storage Classifications Network Sites Pools • Subnet / VLAN • IP Pools • LUNs • Arrays Jobs
Fabric Admin Tenant Admin VM Networks creation App Admin UserRole App Admin Templates Virtual Machine Service Virtual Machine Cloud Library Paths Library Servers • Shares Quota VM Networks usage Capacity Logical Networks Host groups Clusters • Nodes Hosts SC 2012 SP1 VMM Storage Classifications Network Sites Pools • Subnet / VLAN • IP Pools • LUNs • Arrays Jobs
Example of OnBehalfOf syntax
# Connect as Administrator and enable the OnBehalfOf parameters for this session
Get-SCVMMServer localhost -UserRoleName Administrator -ForOnBehalfOf
# Look up the self-service user role to act under
$blueSSU = Get-SCUserRole -Name Blue_SSU
# Get and stop the VM on behalf of the tenant user and that user role
$bluevm = Get-SCVirtualMachine -Name BlueVM -OnBehalfOfUser user1@bluecola -OnBehalfOfUserRole $blueSSU
Stop-SCVirtualMachine -VM $bluevm -OnBehalfOfUser user1@bluecola -OnBehalfOfUserRole $blueSSU
Demo: Tenant Administration and OnBehalfOf. Eric Winner, Microsoft
Manage across multiple instances of System Center Let me use my existing customer-facing UI Web APIs to enable Hosted IaaS Portals Customize and extend offerings to differentiate Remove need for me to manage tenant networks Add Multitenancy to System Center Value-add services such as monitoring or backup
http Tenant Admins Provider’s Other Systems Tenant’s Apps, Scripts, Tools Self-service Users https Tenant Admins Tenant’s Apps, Scripts, Tools Self-service Users REST OData API Aggregation Automation
Virtual Machine Manager
OData client libraries (.NET, PHP, JavaScript, Ruby)
http://<spfserver>:8090/SC2012/VMM/Microsoft.Management.oData.svc/Clouds?$filter=VMMServer eq '<vmmserver>'
demo REST OData API for VMM
Tenant A IT Ops Tenant A Prod User Role Tenant B Tenant Admin User Role Dev Tenant A Dev User Role Test Tenant Admin User Role Dev Tenant A Test User Role Tenant B Dev User Role Test Tenant B Test User Role Europe IT Ops Tenant B Prod User Role SPF API Gold Silver 1 Synced User Roles VMM Server 1 Bronze Silver 2 Synced User Roles VMM Server 2 Silver 3 Europe 3 Synced User Roles VMM Server 3 • Tenant admin manages SSU users and hosted cloud resources
Tenant Provider Tenant Admin creates Self-service User Role SPF Validates Token matching Tenant and User Role in SPF DB Self-service User accesses Portal creates SAML Claim Token User, User Role and Tenant ID are passed in http header User Role and Tenant ID mapped to VMM Self-service User Role SPF accesses VMM on behalf of User and User Role
Service Provider Foundation Client Application SPF Interface User Authentication Resource Model Action Mapping Task Execution User Action Supported Areas For SPF Extensions • Defined extension points (runbooks) • Upgrade safe • Create new resource • Provide new action mapping (PS script or runbook) • Create new task execution logic
Demo - App Controller Brings Enterprise Access to Hosted IaaS
1. Acquire: Enterprise customer (Central IT) acquires capacity from IaaS Service Provider via Service Provider portal
2. Register: Acquired capacity is registered with App Controller on-premise
3. Delegate: Central IT delegates access to acquired capacity
4. Deploy and Operate: Self-Service users deploy VMs onto hoster acquired capacity and private cloud from same tool
Diagram labels: On-Premise Self-Service Portal (App Controller), Service Provider Portal, VMM, Hybrid Cloud, Service Provider Cloud, Private Clouds, Enterprise Tenant Admin, Enterprise App Owner
Demo: App Controller Accessing Hosted IaaS Cloud
Feature / Description
VM Management • Create, update, & operate VMs
Service management • Deploy, update, and operate VMM services; scale-out within service tiers
Self-service VM networks • Create, update, and use self-service VM networks
Multi-tenancy / Multi-stamp • Isolated, role-based access for tenants • Manage tenants at large scale across multiple VMM stamps
Self-service Tenant Administration • Tenant admin manages access to hosted IaaS cloud • Tenant admin configures and manages self-service user roles
Enterprise identity for SPF • Tenants can authenticate and authorize using corporate identity
Extensibility for hosted cloud API • Extensible REST OData API surface • Use runbooks to customize processes driven through SPF API
Expose VM usage data • IaaS monitoring based on Operations Manager
Breakout Sessions
MGT 314 - What's New in System Center 2012 SP1 - Virtual Machine Manager
MGT 316 - Overview of Microsoft System Center 2012 SP1 - Storage Management
MGT 317 - Overview of Microsoft System Center 2012 SP1 - Virtual Machine Manager Services
MGT 319 - Infrastructure Management: Configure and Deploy
MGT 320 - Microsoft System Center Virtual Machine Manager 2012: Zero to Cluster to Cloud
MGT 321 - Service Template Creation from the Ground Up
MGT 326 - Building a Hosted Cloud Using Microsoft System Center 2012 and Windows Server 2012
VIR 312 - Compete to Win, Part 2: Comparing Private Cloud Capabilities
Other Sessions
MGT 41 - HOL - Microsoft System Center 2012 Virtual Machine Manager Infrastructure Components Management
MGT 42 - HOL - Microsoft System Center 2012 Virtual Machine Manager and App Controller Creating, Deploying, and Managing Service Templates
MGT 53 - HOL - Microsoft System Center 2012 Application Self-Service and Managing Applications across Clouds
PRC 03 - Pre-Conference Seminar - Private Cloud Immersion