Ignite 2015: Platform Vision – Server Virtualization

Session ID: BRK2466

2016: The power of Azure with the control of the datacenter
Microsoft Azure stack: Taking advantage of Azure services on premises
Deploy enterprise-grade virtualization and IaaS platform
Fritionless “cloud cadence” infrastructure upgrades
What are frictionless upgrades? Rolling upgrades, mixed-mode clusters
Benchmark-setting scale, performance and resilience
Best-in-class for Linux distros

Optimize workload availability and performance

Resilience to transient storage/network failures – Hyper-V will now pause a VM when storage/network failures happen. It will wait ~2 minutes for issue to be repaired before failing over. Similar to how VMware handles failures.
Guest cluster availability enhancements
Effectively control workload performance with built-in storage QoS – In 2016 storage QoS is now applicable to all nodes in a cluster, not just a single node like in Hyper-V 2012 R2.

Emerging Threats:

All three features require TPM 2.0 hardware:

Virtual secure mode – Process and memory access protection from the host. Admins do NOT have access to data/memory, and even the kernel does NOT have access. A crash dump of the memory segment will be encrypted. This now enabled a virtual TPM, and the use of Bitlocker inside of VMs. Live migration can be securely encrypted as well. Prevents the installation of rogue software on the Hyper-V host.

Host Guardian Mode – Enabler to run shielded VMs on a legitimate host in the fabric. Leverages physical TPM to authenticate the server and validates it is a trusted server.

Shielded VM – Bitlocker enabled VM via virtual TPM. You can convert a running VM into a shielded VM.

Deploy next-generation application platform:

What’s new in Azure IaaS: Azure Resource Manager

Declarative, infrastructure-agnostic approach for application deployment
Infrastructure-as-code
Management and deployment of infrastructure elements: VMs, storage accounts, NICs, LBs, and more

Why Containers?