1
2
3
System Center 2012 enables delivering IT as a Service between the App Owner and DC Admin personas that we defined. We have two personas: application owner, and the data center administrator Each have capabilities required to deliver a private cloud as well as leverage hybrid computing models For example, consider a self-service experience to enable your application owners to specify their service requirements; Let s say the consumer trying to provision a SharePoint service. Understand the topology and architecture of the application service in question. An application deployed in cloud computing model is called a service. This would necessitate a service model that accurately binds the application s architecture to the underlying resources where it will be hosted. The service model would be comprised of: Service definition information, deployed as roles. Roles are like DLLs, i.e. a collection of code with an entry point that runs in its own virtual machine Front end: e.g. load-balanced stateless web servers Middle worker tier: e.g. order processing, encoding Backend storage: e.g. SQL tables or files Service Configuration information Additionally, update domains, availability domains, and scale out rules You will need a set of process automation capabilities to break down this application provisioning request into the enterprise change requests that need to be implemented. This could include setting up the underlying infrastructure and then a set of application configuration/release requests that need to be tracked (and ideally implemented with orchestrated automation) Next you need a set of provisioning tools that actually configure and deploy the infrastructure and application layers. The underlying datacenter resources could be physical, virtual, private or public as per the requirements dictated by the application s service model Once the application service is deployed, it would immediately need to be discovered and monitored for reporting and health tracking There you see how the System Center 2012 components offer these life cycle management capabilities in combination to help you deliver hybrid IT as a Service as per your organization s requirements: App Controller 2012 would offer that self-service experience that allows your application owners manage their apps across private and public environments. Service Manager 2012 offers the standardized self-service catalog that defines templates for your applications and infrastructure. App Controller 2012, Virtual Machine Manager 2012, Service Manager 2012 and Operations Manager 2012 work together to maintain the service model through the application service life cycle. Orchestrator 2012 and Service Manager 2012 offer orchestrated automation for the process workflows required to drive your provisioning and monitoring tools Virtual Machine Manager 2012 and Configuration Manager 2012 can provision physical, virtual and cloud environments. Operations Manager 2012 monitors your application services end-to-end and offers deep application insight to help you deliver predictable SLA. Your datacenter resources could be deployed anywhere from physical boxes, to virtual, to private, to public with Windows Server/ Hyper-V and Windows Azure However, to get to this agile self-service end-state, you will have to start with abstracting your infrastructure and allocating it appropriately so that your business units can deploy and manage their applications on top. How does System Center 2012 get you to this point where you can deliver IT as a Service? Application Management: Deploying and operating your business applications Service Delivery & Automation: Standardizing and automating service and resource provisioning; managing change and access controls Infrastructure management: Deploying and operating all the underlying infrastructure on which your business applications and services run 4
System Center 2012 cloud and data center management solutions empower you with a common management toolset for your private and public cloud applications and services. System Center helps you confidently deliver IT as a Service for your business. System Center 2012 helps your organization consume and deliver IT as a Service by enabling productive infrastructure, predictable applications, and cloud on your terms. System Center 2012 helps you to deliver flexible and cost-effective private-cloud infrastructure to your business units in a selfservice model, while carrying forward your existing data center investments. Recognizing that applications are where core business value resides, System Center 2012 offers deep application insight, which, combined with a service-centric approach, helps you deliver predictable applicationservice levels. Finally, System Center 2012 empowers you to deliver and consume private and public cloud computing on your terms with common management experiences across your hybrid environments. Productive Infrastructure System Center 2012 helps you deliver flexible and cost-effective infrastructure with what you already know and own. System Center 2012 helps you integrate heterogeneous data center investments, including multi-hypervisor environments. You can pool and abstract your data center resources and deliver self-service infrastructure to your business units in a flexible, yet controlled, manner. Predictable Applications Apps power your business. System Center 2012 helps you deliver predictable application service levels with deep application insight, and holistically manage your application services, which is where your core business value resides. Your Cloud Private and public cloud computing on your terms managed with a common toolset. System Center 2012 empowers you to deliver and consume private and public cloud computing on your terms, with common management experiences across your hybrid environments. 5
The key steps in deploying your private cloud infrastructure Deploy your Private Cloud infrastructure from the different fabric resources in your datacenter. Deploy your compute fabric through bare metal OS deployments of Hyper-V servers. Discover, classify, and allocate my storage fabric for Private Cloud use. Abstract my networking fabric for use in my Private Cloud. Pull these fabric resources together and create cluster for use as the underlying infrastructure for the Private Cloud. 6
With all of this infrastructure, how do I ensure that I am proactive in understanding utilization and performance, I can quickly be alerted if a problem occurs having both built in knowledge of how to fix it? Also, with my infrastructure for the Private Cloud, I need to ensure that I can update the infrastructure without affecting my service levels. With the datacenter infrastructure running efficiently, you also need to be able to recover in case of both element outage and whole site recovery. This course is about keeping the infrastructure up and running. You ve already configured and deployed the private cloud, and deployed services on them. The services you have kept up and running and dynamically optimized them for best use of resources. Now we re going to keep this infrastructure up and running. To do that, there are things we need to look at: One of them is, as an organization, you want to be proactive. You want to monitor the OS, the compute resources, storage, and network. All the different fabrics that you have and by monitoring them you can monitor them for performance and health. And that will help you ensure your infrastructure SLAs. But if something happens and you re alerted on something that happens, or you can diagnose the health of something beforehand to determine that something might go wrong. You need to be corrective and be able to quickly correct any issues that come across, whether it be preemptive, meaning you know something goings to go down soon so fix it beforehand, or if something does go down, be able to quickly react to it. To do that, you really need to be able to use the built in knowledge of this infrastructure whether it s product or company. We have a standardized way of keeping your systems updated. So you have this underlying fabric of compute resources and you want to ensure that they are up to date and you can patch them without service interruption. Lastly, you want to ensure that these applications in this infrastructure is available is for my applications. That will help me ensure service availability and will allow me to recover from any infrastructure outage, whether it s inside the datacenter, or of the entire datacenter. 7
I need to know how my Infrastructure is Performing to meet my OLAs Ensure Infrastructure OLA through resource monitoring Monitor my infrastructure to determine if I meet my OLAs Less Downtime, Quicker time to fix Use System Center Operations Manager 2012 to enable these scenarios 8
To do this, we re going to leverage Operations Manager 2012. With Operations Manager 2012, we can do compute and OS monitoring. This has been done for years. It allows us to help achieve our infrastructure escalades because we ll know how our applications are performing, and we ll also be able to trend how they re performing so we can take action before we actually run into a problem. We ll trend the infrastructure usage over time; we ll monitor the usage performance; understand how it s performing now and how it s performing over time. The fact is that we provide out of the box a lot of monitoring capabilities, but really the beauty of how we handle monitoring is through our partner management packs. Through the partner extensibility that we can create with Operations Manager 2012, we can monitor a tremendously large amount of things, whether it s compute resources, storage, networking, the OS itself, whether it s Windows or non-windows OS, the Hypervisor environments, whether it s Hyper-V or VMware, though our partner created management packs. We have a tremendously large amount of things that we can look at. 9
Through management packs, we have extensibility in how we can view the infrastructure. Microsoft provides a bunch of management packs for many different environments, whether it s Microsoft applications, infrastructure type applications like AD, SQL, Exchange, SharePoint, whether it s System Center applications, Hyper-V, VMM, all these type of applications, we provide a rich base of management packs which provide knowledge and thresholds for these Microsoft products, but our partners also supply a ton of them. Those partner-provided management packs help us for non-microsoft OSs, non-microsoft applications, and non- Microsoft elements like storage, networking, and those types of things as well. In addition to getting Microsoft provided management packs or partner provided management packs, your customer s organizations can provide their own management packs and offer them as well. Thus there s a rich, rich management capability though management packs. They give best practices for configurations and what to set for alert thresholds to know if you re going to have a problem, or if you re having a problem. As well, they provide reporting information, so you can generate reports on how that piece of the infrastructure is running. 10
Knowledge is an important thing that we provide with Operations Manager 2012. not only do we have product knowledge, we also have company knowledge. Product knowledge is created by the person that creates the management packet that deals with things like I know that this Application performs this way, and I need to search on these particular thresholds. But also, if this happens, these are the things that you could do to fix it. In this example here, I had an application that was monitoring Operations Manger itself, and it saw a problem with that, and these are the possible resolutions. So you have that information together inside of an alert, and the Management Pack provides that knowledge. But an organization may have a special way of doing things. SQL server goes out, the product knowledge says restart the SQL instance, or apply this KB article, for example. But the company may say I need to do that, but I also need to call another administrator first. Well company knowledge allows me to add-in that tribal knowledge, that company way of doing things, inside that same alert. Now when that alert goes off, not only do I know what the recommended steps are, but I know what any special nuance I have to do for my organization for that same problem. We can store that information in a custom management pack so you take this information and create a brand new management pack. It takes the existing management pack, adds on the company knowledge, and turns it into a combined management pack. 11
With Operations Manager 2012 System Center 2012, we have added out of the box network monitoring. Here we have the ability to discover different management or networking environments. We can discover different types of network from Foundry, or Cisco, or whatever network element is that is out there. We use things like SNMP v1, v2, and v3 to connect to these things and discover them. Once we discover them, we can do a lot of monitoring as far as what ports are active; who is connected to those ports, what kind of interface is connected to those different ports, as well as the components on that networking switch itself. You can pull information on the switch, like how their CPU within the switch is performing, and that might help you look at which ones are good performing, or which ones are running under duress and you need to either 1) update the switch, or 2) fix the problem that might be happening. We also give rich visualization of these network devices, we provide a network summary view, so you can look at things like how you network is performing and it gives you a list of things like the top ten performers that are having problems. You can also go into a network node view, where you can pick a particular device and drill directly down into it. Or network vicinity view. This is helpful for an organization when they need to know which devices are connected to this network device. For example, you can show a switch, and what devices are connected to this switch, which will help determine if I have to take this down, or it goes down, what is going to be affected. Then lastly, we can help you report on the different network devices and how they have been performing. We can report on things like the utilization of the switch, things like processor, which ports are connected, and report error analysis. So you have a lot of different things you can check, and you can view and report on as far as networks. This is all new and out of the box with System Center 2012. 12
in this view of network performance, it allows you to out of the box, just click straight down into it and as you ve added these network subsystems, and it can do a search and see the different performance utilization. It can tell you things about it like what are the views. This dashboard summary gives you things like how much of this CPU is being used on your top ten devices. You can sort it in a way where you could say these network components are my troublemakers, let s fix them. You can identify which ones are underperforming or not meeting the SLAa that you need. These all show green, but if something happens to one of them, it might show red and you can see that you can examine the detail content when you drill down into it. 13
Between the view of the network devices, when you have this consolidated view up there, you can then drill down and get a vicinity view. Vicinity view gives you a network map. It allows you to see what things are connected to this device. Within that, you can show the computers that are connected to the device as well. This allows you to drill down and figure out, if I can t connect to this Windows server, is it the network device s fault or is it the Windows device s fault. If the network device is down, then you can tell which systems are connected to it. From knowing what systems are connected to it, you can determine the cause of the problem. Then if a device can be managed when you re looking at it, you can right click on it and get detailed contact as to what kind of device it is, how it s configured, and all the different information that we can pull from this device. There s a lot of detail content we can get and understand how these devices are performing. 14
Once we ve monitored this environment, and we know things are working well or not, we then need to know if anything is going to happen We need a way to determine the overall level of SLA compliance of our business-critical applications and identify those that are out of compliance Regulations dictate that certain applications in our business stay compliant with the defined SLAs and we need up-todate, real-time reports to help us do this Thus we can optimize to make sure that our system is as healthy as possible If you have a problem, you need to quickly determine if it is my infrastructure and find root cause System Center Operations Manager2012 key features: Monitor Cloud Resources identify infrastructure root cause analysis Health Explorer and analysis on Infrastructure Resources Better Customer Experience 15
The first thing is that System Center provides this holistic view of health, whether it s at the item level or it s at the application level, or it s at the system level, we can see where the problem occurs, and we can drill down into that problem to determine the cause of it. In this environment, I had an issue and what I ve done is that I simply have to right click on the element that is showing me the red x and command drill down into that health and show me the health of that system. It can show me everything, or if I go straight from an alert, it will show the piece from the alert. You can now tell not only at the element level, but deep down into it what s going on with that element and then I can see on the right-hand pane what the actual problem is. This it increases visibility of what you can see. Its consistent user experience as far as how we view this, and you can customize this view and create customized views for places like the datacenter admin, application owner, and decision maker. You have this ability to show this in many different ways. The things that we can look at are at the infrastructure we can just look at the specific elements themselves - OS, compute, storage, or network, or we can bring it up a level and look at the infrastructure applications. Things like database server SQL, Exchange, AD, those types of things. We can look at custom applications, whether they re.net, J2E, or even third party applications. And then we can also do things like look at the end user experience. Monitoring from the outside how the end user is connected to this. And if there are latency delays we can figure out where the problem is there. Thus we have this holistic view of the health of our systems. Operations Manager 2012, gives you: Increased visibility into the underlying application environment and infrastructure, across End user experience synthetic transactions Application monitoring.net and J2E Infrastructure application monitoring database, web servers, directory services Infrastructure monitoring OS, compute, storage, and network Consistent user experience across console, web, SharePoint views Customized view or dashboard depending on role or need Datacenter Admin Application Owner Decision Maker 16
Not only can we monitor Windows systems, but we can view this view of health through non-windows systems as well. We have support for Novell, SLES, Redhat, Enterprise, Linux, IBM, HP, Solaris, and others through our partner management packs. Thus we have this view of many different pieces of the environment and not only that on a Windows server or the OS, but we also have visibility for SQL as well as Oracle databases. We have views of Hyper-V, as well as views of VMware. Microsoft s partners help us provide alerting for these other environments through partner enabled management packs. 17
Once we do that, we can see how these applications are performing. In this picture right here, what we re showing is a service that was created within VMM, got pushed into Operations Manager 2012 It s a multi-tier service, and the web tier has three servers deployed under it, and we can see that those servers have a red x. We can drill down and figure out why those servers are having problems. So we can monitor the application and the service of our distributed applications. We can drill down into that application to determine where the problem lies. Thus it makes it easier for us to diagnose where the problem is, and figure it out, and get it up and running more quickly. 18
Not only can we do this for on-premises applications, but we can also support applications that are either Windows Azure based, or a cross between On-Premise and Windows Azure. In this environment, we have an application that s deployed that is cross platform. A piece of it is deployed on Windows Azure, and a piece of it is deployed locally. When we view that within System Center 2012, we can view it at the worker role there on the right and whatever is deployed within my datacenter there on the left. We have both On-Premises pieces of the application, for example the database; and we also have the Windows Azure pieces, for example the front end. We can see both of those from within the same view by creating distributed application that attaches to all these different pieces and elements. 19
With a consistent view of monitoring these applications, an administrator, through the Operations Manager 2012 Console, have a view of how my network or whatever is performing. Also, you can delegate this access out when you pass it off to an individual user via the web console and create a web login where the user can login. He can access the web log in and see the same view, but he doesn t have to install the full Operations Manager 2012 client on his system. Then you can also create custom dashboards that show the view that you want. You can publish these dashboards on to SharePoint using web parts. The same view across all these different platforms, but depending on who needs to access it you can give them the view that they need. You can give them the same information because Operations Manager 2012 supports both through the Management Server or just a straight connection through the Operations Manager 2012 Console. As well, it supports the reports through the web server, Silverlight, or web parts through SharePoint. As such, all will have a consistent view. 20
With standardizing the approach to updating virtualization hosts with Operations Manager 2012: You can ensure these systems are providing my private cloud infrastructure are kept up-to-date You are able to Patch my servers without affecting my services You can update infrastructure without affecting running Services Orchestrate patch updates from a baseline Perform cloud infrastructure maintenance without service downtime 21
With System Center 2012, you can keep the Private Cloud Infrastructure up-to-date by baselining your Hyper-V clusters. You can create the baselines by logically grouping the updates that you want to use for assessing compliance, and do all of this within VMM. You can assign this baseline to a host group. In addition, it will look at that host group and assure that it has all those different updates and patches applied. In addition, if it does not, it will tell me which ones are in and out of compliance through the scanning operation. Therefore, you will scan these servers. You will check whether they are in compliance. you ll use Windows Update Agent to determine whether or not these patches need to be there for compliance, and you can wither do it on demand or you can automate it through something like PowerShell. Lastly, if something is out of compliance, you can make sure it is compliant by automatically installing those automatic updates. We do this in an orchestrated manner so that the servers will be updated without bringing down any of the VMs that are running on that cluster of servers. 22
Another way that System Center 2012 enables you to meeting your fabric SLA is by ensuring your virtual resources are up to date. Traditional update engines like System Center Configuration Manager aren t cluster-aware. They re likely to push out patches to all hosts simultaneously, disrupting cluster availability. VMM 2012 can integrate with a dedicated 64-bit Windows Server Update Services (WSUS) 3.0 SP2 server and will orchestrate cluster patching by migrating VMs to other hosts in the cluster, patching the node and rebooting if required. It will repeat the process on the next host until the whole cluster is up-to-date. You can define update baselines with lists of required updates. VMM will then scan hosts to determine compliance, and finally apply patches to bring them current. You will have the option to exempt particular hosts if a patch turns out to cause instability. The feature requires a pre-existing, dedicated, root WSUS 3.0 SP2 64 bit server. If the WSUS server is remote, the WSUS console is required on the VMM server. It supports WSUS in SSL mode. A scan is then conducted to see if the server is compliant or not for the assigned baseline. VMM leverages WUA for applicability and compliance. Scan is on demand and automatable using PowerShell. VMM then makes the server compliant by installing missing updates. Update installation progress can be tracked in the VMM console and remediation is on demand and automatable using PowerShell. Virtual Machine Manager provides a feature by which you can manage updates for your virtual machine hosts, library servers, PXE servers, the Windows Server Update Management (WSUS) server, and the VMM server itself in the VMM console. Enable feature In VMM, use Add WSUS server wizard to select and add WSUS server and then synchronize with the latest updates. VMM gets a catalog of updates from the update server. It points the fabric servers to the correct update server, i.e. configures the WUA agent on each fabric server. Create Baseline After you enable update management in VMM, you are ready to prepare for patching by configuring update baselines. An update baseline contains a set of required updates. The baseline is a logical grouping of updates to assess compliance. VMM provides two sample baselines for Security and Critical updates. You can assign the baseline to hosts, host groups and host clusters, plus VMM server roles (library server, PXE server, Update server and VMM server). You cannot assign it to VMs (running or stored) or VHDs in the library. Scan Servers During a compliance scan, computers that are assigned to a baseline are graded for compliance to their assigned baselines. After a computer is found noncompliant, an administrator brings the computer into compliance through update remediation. Remediate servers If computers are found to be non-compliant, remediation can be performed. When you perform update remediation on a host cluster, VMM orchestrates the updates, in turn placing each cluster node in maintenance mode, migrating virtual machines off the host by using intelligent placement, and then installing the updates. If the cluster supports live migration of Windows Server-based virtual machines, live migration is used. If the cluster does not support live migration, VMM saves state for the virtual machines and does not migrate them. 23
The intent of this section is to give a glimpse into how you can protect your private cloud aka back-up and recovery solution and how we help ensure high availability using various SC products. Protecting your infrastructure involves protecting the applications that run on it. You need to ensure high availability of your private cloud infrastructure We do this using the Data Protection Manager, Orchestrator, Service Manager, and Operations Manager 2012. System Center 2012 Data Protection Manager, Orchestrator, Operations Manager, Virtual Machine Manager together will allow you to: If I have a failure, how do I recover Recover the Infrastructure Recover Infrastructure due to failure in the datacenter or of the datacenter Increased Service Levels, decreased RTO 24
There are three main areas to focus on when protecting the private cloud How our back-up and recovery solution is optimized for Microsoft Applications and for Windows. Data protection Manager can do item level recovery in SharePoint and Hyper-V in a matter of seconds. There is extended support for any Windows application that utilizes the VSS writer, and support of Non Microsoft products through customizable XML files. Our back up and recovery story is ready for large enterprises. With Microsoft s own IT division, it is running 80 DPM servers running backing up 3.5 Petabytes of data. We support offsite back-up to cloud through partners like IronMountain. For machines that lie outside the domain, which is a very common scenario, we support certificate based protection. We also have protection of clustered work loads. We support having co-location where we can back-up more than one application side by side on the same tape. In this scenario, System Center products work together to give a good complete solution. Data Protection Manager integrates with Operations Manager and you can monitor your back-up and recovery from the same console you use to monitor your Application, your fabric and your infrastructure. If you have several DPM servers running, you can view them all from a single pane of glass and the user can see only the information that he has access to. 25
With this illustration, you can see how the same product can be used to back-up and recover a wide range of Microsoft products. Microsoft has optimized our back-up and recovery solution: Exchange: We support any point in time recovery, we provide self service restores Up to 2000 SQL Databases can be protected using a single DPM server The change tracking is super storage efficient. We provide protection against total loss due to logical corruptions We can preserve data for point in time restores SharePoint You can protect at a farm level, but can do granular level recovery. Recovery of a document takes only a few seconds now. New databases are automatically detected and protected HyperV You can do item level recovery of VMs You can back-up the entire host You can seamlessly protect live migration of VMs We can back-up data from all these sources once every 15 minutes to a Tape or a Disk and you can save this back-up in an offsite location again on a tape or a disk or in the cloud. 26
Our cluster failover solution in Windows Server 2008 R2 has ensured that servers are up and running all the time. If a specific node in the cluster fails over, another node automatically fired back up and we can then use VMM to bring the node back-up and things continue to work again. If the entire cluster goes down, we can recover the entire cluster and get it running on another physical machine till we bring the original cluster back-up. So we help ensure high availability within the Datacenter without any downtime. 27
There are powerful automation capabilities in SC 2012 for recovery and backup In addition to providing deep monitoring and diagnostic insight for your IT infrastructure, SC 2012 provides integration and automation capabilities which can be configured to support many different incident or error remediation scenarios. Orchestrator is the component providing automated runbook capabilities combined with connectivity to other management components (System Center and third party) with the use of Integration Packs. In this example we re going to automatically migrate a SQL server database. After investigating the alert in Operations Manager we just saw, we ve decided we should migrate the database on that VM to another SQL Server instance. As you can see in this screen, Orchestrator's runbook designer can be used to create automated workflows that perform several tasks while integrating with all the necessary management components. The icons and the interface are very user friendly so it s easy to see what activities will happen and in what order. A typical recovery process is as follows: The SQL migration runbook can either be started from within the Orchestrator console, or triggered by Orchestrator pulling the alert information from Operations Manager. Once the process is kicked off, Orchestrator communicates with VMM, and then VMM checks for valid names of the source and destination servers, plus the database to be migrated. Next, Orchestrator communicates with Service Manager to create an incident ID associated with the database migration ensuring there s a record of this process. At this point, Data Protection Manager is pulled into process to create a recovery point for the database and exports it to a designated network share. Now that the database is backed up, Orchestrator is going to kick-off a PowerShell script to run the actual database migration to the new SQL server VM. Once the migration is complete, Operations Manager will be put into maintenance mode for the source server we migrated the database from so that when VMM shuts it down, an error will not be thrown. Finally, once the source VM is shut down the associated incident logged in SM will resolve. Other integrated automation capabilities being delivered with SC 2012 include: Incident Response Provisioning Disaster Recovery Compliance Requirements Change Control Capacity Management 28
The key steps in deploying your private cloud infrastructure Deploy your Private Cloud infrastructure from the different fabric resources in your datacenter. Deploy your compute fabric through bare metal OS deployments of Hyper-V servers. Discover, classify, and allocate my storage fabric for Private Cloud use. Abstract my networking fabric for use in my Private Cloud. Pull these fabric resources together and create cluster for use as the underlying infrastructure for the Private Cloud. 29
Within this presentation we have discussed: Taking compute resources, network resources, and storage resources that are diverse and complex and we ve simplified them together, dedicating them to creating this logical and standardized fabric of resources that we can now create our private cloud from. Taking the diverse resources and created a logical standardized and from there then you can build the cloud abstraction, deploy your capacity, and deploy the new services on there. Monitoring and operating your physical and virtual compute fabric, your storage fabric, creating that logical network abstraction, and with the cluster creation bring it all together to be that foundation for that private cloud. 30
31
32