
Azure Virtual Datacenter (VDC) Part II-Basic Concepts

03/18/2019

In the previous post we talked about migration to the cloud:

https://msincic.wordpress.com/2019/03/06/azure-virtual-datacenter-vdc-part-i-migration-as-is-and-to-be/

In this post we will understand the basic concepts, which are represented by this diagram:

image

Each part represents one of the pillars that support a Virtual Datacenter:

  • Encryption – All data moving through a datacenter that hosts multiple clients must be protected so that no client has access to the data of others. This involves communication, disk and traffic encryption.
  • Identity – A consistent identity model where customers can log in and view their objects with all available resources. In the case of Azure this is done by multi-tenant Active Directory. As is already known in the market, directory systems allow multiple companies to be hosted and to share the database model and authentication with total isolation.
  • Software-Defined Networks – How do you host multiple clients if everyone wants to have the same IP range and communicate over the same set of cables?
    This is the challenge of SDNs: to allow isolated traffic. In the past we did this with the VLAN feature but it was limited to 65535. Today this is done logically by using features like NVGRE and others, where network packets are tagged with who they belong to, similar to what the VLAN did but without the 32-bit limit.
    This allows multiple clients to have the same IP range, such as 10.0.0.0/24, since each virtual network receives a different tag in its packets, with encryption and identity guaranteeing the reliability of the delivery of the data packets.
  • Compliance – Migrating to a public datacenter would be of little use if it left you stuck with patterns that only work there. Public clouds need to adopt the market standards so that networks can communicate. This is not to say that the way Microsoft’s Machine Learning is coded is the same as AWS Machine Learning, but rather that the basic part follows interoperability standards.
    For example, a VM in AWS can communicate over IP with a VM in Azure or Google Cloud because they all use the same protocols, even if each provider has different aggregate services.
    The same goes for an application such as Moodle or SAP: whether it is in Azure or AWS does not matter, because they follow identical network and communication standards (interchange).
    Because of compliance I can leave half of my servers on-premises and the others spread across 3 different public datacenters, all communicating normally.
  • Logging, Audit and Report – When migrating from a private (local) cloud to a public one, I need to know the costs and make sure my data is safe and accessible only by my users.
    Here we are not dealing with logs, audits and reports for the client, but rather with the internal infrastructure, so that the provider can be sure that there is no data leakage, know who performed each operation, and report it when necessary.
    That’s why the cockpits of public cloud providers are gigantic. They need to control everything and be able to redo operations after any kind of failure that occurs.
    The first datacenters came from the concept of hosting: you took the servers from your own rack to the provider, which took care of electricity, links and physical security. In this model all responsibility for communication, logical security and reporting is yours.
    In the public model a good part of the resources is allocated to controlling the resources. For example, when creating the old Microsoft Azure Stack (currently discontinued), several VMs were created with the purpose of supplying the control items.
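
The Software-Defined Networks item above says tenants can share the same IP range because every packet is tagged with the virtual network it belongs to. The Python example below is added here and is not code from the original post or from Azure: it builds and parses the NVGRE header (RFC 7637), whose key field carries a 24-bit Virtual Subnet ID (VSID), and uses a hypothetical `HostSwitch` class with constructed tenant names and VSIDs to show two tenants that both own 10.0.0.5.

```python
import ipaddress
import struct

GRE_FIXED_BITS = 0xB007   # C, K, S flag bits plus the 3-bit version field
GRE_KEY_ONLY = 0x2000     # NVGRE requires K=1, C=0, S=0, version 0
PROTO_TEB = 0x6558        # Transparent Ethernet Bridging (inner Ethernet frame)

def inner_frame(src, dst, payload=b""):
    """Constructed tenant frame: Ethernet + IPv4 (zero MACs, checksum left 0)."""
    eth = bytes(12) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 17, 0,
                     ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return eth + ip + payload

def nvgre_encode(vsid, flow_id, frame):
    """Prefix a tenant frame with the 8-byte NVGRE header."""
    if not 0 <= vsid < 1 << 24 or not 0 <= flow_id < 1 << 8:
        raise ValueError("VSID is 24 bits, FlowID is 8 bits")
    return struct.pack("!HHI", GRE_KEY_ONLY, PROTO_TEB, (vsid << 8) | flow_id) + frame

def nvgre_decode(packet):
    """Return (vsid, flow_id, frame); reject anything that is not NVGRE."""
    if len(packet) < 8:
        raise ValueError("truncated NVGRE header")
    flags, proto, key = struct.unpack("!HHI", packet[:8])
    if (flags & GRE_FIXED_BITS) != GRE_KEY_ONLY or proto != PROTO_TEB:
        raise ValueError("not an NVGRE packet")
    return key >> 8, key & 0xFF, packet[8:]

class HostSwitch:
    """Hypothetical per-host switch: forwarding state is keyed by VSID first."""
    def __init__(self):
        self.tenants = {}   # vsid -> {inner IPv4 address -> VM name}

    def attach(self, vsid, ip, vm):
        self.tenants.setdefault(vsid, {})[ipaddress.IPv4Address(ip)] = vm

    def deliver(self, packet):
        vsid, _flow, frame = nvgre_decode(packet)
        if vsid not in self.tenants:       # never fall back to another tenant's table
            raise PermissionError(f"no tenant network with VSID {vsid} on this host")
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            raise ValueError("inner frame is not IPv4")
        return self.tenants[vsid].get(ipaddress.IPv4Address(frame[30:34]))

# Constructed sample: both tenants use 10.0.0.0/24 and both own 10.0.0.5.
switch = HostSwitch()
switch.attach(0x00A001, "10.0.0.5", "tenant-a-web")
switch.attach(0x00B002, "10.0.0.5", "tenant-b-db")
```

The inner frames for the two tenants are byte-for-byte identical; only the VSID in the outer header decides which VM receives the packet, and a VSID the host does not know is refused rather than matched on IP alone.
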
Conclusion

In this second post we talked about the basic components that make up a public cloud.

Feel secure when placing your data with these providers; they are prepared to ensure the privacy and security of your data.
