[MUSIC]
Hey I'm Scott and it's Azure Friday.
We're here with Stefan Schackow talking about App Services.
It's my favorite feature.
>> [CROSSTALK] >> I got like 21 of them now.
All kinds of different live sites,
running up in Azure in App Services.
What are we changing?
>> So what are we changing?
We're introducing a new SKU, a new option for
running your apps on App Service.
It's called the isolated SKU and
it is probably somewhat jokingly one of the first SKU names we
have that actually describes what it does.
>> [LAUGH] >> So
as you can sort of imagine, it says that it's isolated.
It's all about creating an app, or multiple apps on our service
and running them in a locked-down, isolated manner.
So that the outside world can't see them, know about them,
they can't get to them, so it's completely isolated.
But you get all the goodness of Azure App Service.
So like perfect example, right, you have maybe a workload today,
it's an on-premises line of business app,
you've been scratching your head.
You're like how do I get this stuff up into the cloud?
So the whole point behind the isolated SKU is, guess what,
that's a kind of workload you don't want the outside
world to ever see or know about.
But you'd like to be able to do things like auto scale and
slots and everything else we have on App Service.
What you do is, you go deploy it using our isolated SKU
inside of a virtual network that you built out inside of Azure.
So now you got the best of both worlds.
It's completely internal, hidden from the world.
You, only you and your company, can actually see it and use it.
So the outside world can't get to it.
But everything that you're accustomed to
using on App Service is still there and available to you.
>> So forgive my ignorance but
was it not possible before to make a virtual network and
make it secret and make it so you can VPN into it?
>> So you've been able to, obviously for years in Azure,
you can set up a VNet,
put infrastructure-as-a-service in there.
That absolutely all works, all there today.
And even us on the App Service,
we've had a precursor called App Service Environments that gave
you sort of the first generation of that.
>> But those were big, and they took 20 minutes to fire up, and
they cost a lot of money.
>> Yeah, so the isolated SKU, think of it this way,
it's taken all of the refinements, the feedback, and
put it all into our product.
Made it better, made it easier, and more approachable.
And so now sort of the second generation of it is now what's
called the isolated SKU.
And you'll see here in a little bit,
I think it flows a lot more naturally and
works the way you would sort of expect App Service to work.
>> Would it be appropriate for smaller businesses, like myself?
Like I've got a couple of smalls, but
in an App Service Environment, I'm not a big business.
>> Yeah, so- >> Not even a medium business.
>> Correct, so it's like admittedly, isolated SKU,
it tends to be driven, again, as the name isolated implies.
It's driven by the fact they your business, your company,
you have an overriding reason to run things maybe in
a highly PCI compliant environment.
>> Case in point, banking, financials,
things like that where you just have stricter requirements.
And so you have to have no proverbial error gaps,
as it were, in terms of network access to your app.
>> Wow.
>> Certainly small, medium business you can go run on it.
There is and you'll see it a little bit here.
One thing you can do is we
can give you much higher scaling limits.
So that is an option, but let's face it.
At the end of the day,
if I'm running like a smaller storefront blog marketing site,
definitely public App Service.
That's still where you want to be.
>> That makes sense, okay.
But if I am gonna be doing my expense reporting system,
my HR system, this is perfect.
>> It's perfect, another perfect example is, a lot of us, right,
probably we've all got IRAs, 401Ks, you name it.
The reason why I bring that up is those are all examples of
sites that they have sensitive data,
they need to be accessible to the outside world, right?
Because you and I, we need to fire it up on our mobile device.
>> Right. >> But at the same time,
I don't want the apps that are running there to just be wide
open to the Internet.
So another thing you can do for
example with the isolated SKU, is you can deploy an App Service
you app's hidden from the outside world.
You can frontend it with a service or a firewall or
web application firewalls, pick your device or service.
That's what the outside world will actually see and access,
but your actual app is locked down and
sort of hidden behind this load.
>> That's really interesting,
I've got my blood sugar application,
right now sitting alongside Baby Smash, my video game.
They're all just kind of hanging out together on the same
App Service.
I could make my blood sugar,
my personal health information, isolated.
>> Yes, absolutely.
>> Very cool, let's see a demo.
Okay, so what we've got showing here is,
I'm already logged into the portal.
I've got a resource group with an app and
App Service Environment already set up.
So let's jump in here.
This is the actual app itself.
A couple of things to note is, you can see, hey,
it's running in an App Service plan [CROSSTALK]-
>> Let me guess,
that actually is a capital letter I,
not obvious, [CROSSTALK] >> We'll take the feedback and
change the font to plural.
>> Yeah,
[LAUGH] make an I with a- >> Yes.
>> I know s1 is standard and f1 is freeze, so
then i1 is isolated.
>> i1 is isolated, yes, it is.
Another thing to note, right,
the URL, nice thing when you're running in isolated.
You also are effectively running in your own isolated DNS zone.
Because it's your virtual network.
We don't really care what the domain suffixes are, and so
that's nice, because it means that you can, for
example, the app itself can use names.
Example, if you were to go out and
create an app today on App Service and call it example.
Good luck, it was probably taken about five milliseconds after
the service went live.
>> So you're not thinking about Azurewebsite.net?
>> Exactly, exactly,
you're using the custom domain you care about.
So let's take a closer look at that, right,
there's an App Service plan.
If I jump in here, to the blade specifically for
the App Service plan, we'll see a couple of things.
I'm running in West US 2.
Again, I'm running isolated.
And if I jump in here to the scale-up options,
now you can see what's actually available.
And this is the crux of what is the isolated offering.
So, a couple of things to point out, right?
It runs on a much more powerful tier of compute horsepower.
So again, folks in the IS world have been able to enjoy the DB2
series for a while.
We've finally been able to bring it here to App Service.
>> Wow. >> So you get a lot more memory
per SKU and then also,
even though the cores look sort of similar.
It's like hey, 1, 2, 4 Core.
I got that today on standard but
remember those cores, ACU for ACU, are more than twice as
powerful as what we've got running in App Service today.
Everything else here we've been talking about,
you run inside a virtual network,1 TB of storage.
So that's a pretty honking chunk of storage for App Service.
It's way higher than the normal,
I think it's like 50 gigs what you get in standard.
But again, because you're sort of in your own little world,
we can give you a lot more.
And then last but not least, right, those hundred instances
that's part of thing about isolation is that literally this
is a crunch-downed version of App Services.
Hey, this is yours, it goes in your virtual network.
And that means we can do crazy things like scale that sucker
out to a much broader degree than sorta what's possible if
you're running a basic or
standard on the regular App Service.
>> That gets me thinking about that gradient of all
the different choices from Azure Stack
to App Service Environments, but this is I just clicked that.
It's actually very reasonably priced for
a medium-sized business.
I've got SSDs and 100 instances.
I could potentially, depending on the size of my company,
run all my internal stuff on that and have room to spare.
It's a pretty beefy machine.
>> Yeah and you bring up a very good point which is for
isolated, definitely, we expect for a lot of folks the model
isn't gonna be you run one app and isolate it and you're done.
>> No. >> You figure, look,
you've got a whole suite of apps, you're gonna run 1,050,
100 apps in an isolated SKU.
You got enough horsepower and so between the horsepower and
the number of instances you can run like,
think of it like your own miniature IT department or
your own miniature web posting service inside your company.
>> Your own miniature web hosting service.
Now does that mean because it is App Service,
which I am a huge fan of, I could still do my git pushes,
they're just to internalize- >> You know,
funny that you should bring that up, I'll tell you what.
Let's hop in here to a,
this is a virtual machine that I am running inside of the small
virtual network as my isolated app.
And first we'll pull up here,
we'll just go to a example here azurefriday.net.
Hello world,
wow that's really exciting, there's that URL again.
So now what I did real quickly is I threw
visual studio code onto the machine here.
>> Mm-hm.
>> So we'll say hello world, hello Scott.
We'll go out and save that.
>> Okay.
>> And then I already set up git local git here on my VM.
>> Mm-hm.
>> So we'll do a live.
>> Git commit with a t.
>> Push thank you that's always good.
And then we'll go get push Azure master and so
literally I'm on this VM.
I already set up this app ahead of time so that it's connected
to the local get functionality on my app, running in isolated
so I made that change, we pop back here, I hit refresh.
Boom, there it is.
>> Nice and I noticed when you did that push it was subtle, but
people who are watching would've seen that the SCM URL,
that kudu, K-U-D-U, the kudu URL, also that same machine.
Because it is App Service, it's just isolated.
>> Yes, exactly.
And if we pop back over here, pop back into the main portal.
Take a look at deployment options for the app and you'll
actually see from when I was playing around with it earlier.
And then also there it is.
There's, there's the push we did live.
So again, it's a very quick example but very powerful.
Which the whole point is people get familiar with App Service.
They're really happy with it.
They're running it live on the Internet.
But then invariably, like you said,
there's sort of a tier of apps.
I feel a little nervous about just hanging
out there live on the Internet.
So that's the whole point of the isolated SKU.
You get to use what's in App Service,
but you get to put it in that lockdown environment where you
have the security you're looking for.
So maybe I, at the very beginning of this segment,
I may have disparaged App Service Environment a little bit
because it seemed like a big deal.
It seemed like when I made an App Service Environment
it was like, now I've graduated into more money.
I've graduated from
a small company to a medium-sized company.
Help me understand better when I would use regular vanilla
App Service where an App Service Environment fits and
we're isolating fits.
>> Well, so the first thing to make that easier to understand
is underneath the hood the implementation details
are the isolated queue.
It's basically a second generation of
App Service Environments underneath the hood.
But what we've done is we've stripped away all of
the complexity.
Right so again, we heard the feedback I feel it first hand
because, again, I talk to customers,
they know my email address they complain to me,
that kind of feedback loop.
So the whole point is just to say, look,
people know an app, they know an App Service plan,
they know how to use it on App Service.
Can we deliver an offering that works the same way so that you
don't have to worry about grungy underneath-the-hood details.
So that's the thing.
The isolated SKU, if you were to peel back the covers and
look at the engine underneath the hood,
basically it's like the App Service Environment V2,
second generation.
But you, like what I just showed you,
you don't have to deal with that or worry about that.
So, that's the first thing right,
the two things are collapsed together.
Now, the continuum, again, perfectly great question.
Let's say I'm a small company and again,
I have my marketing site right.
There it's like I want that on the regular App Service.
It makes sense, it's easily accessible, things like that.
But maybe I'm doing business, say in the financial space.
Again, PCI's is the perfect example where I know I'm
gonna get those bad orders coming in.
There's gonna go through the 400 item checklist.
And they're gonna be like, I don't care how good you are.
Your apps gotta be all secured and locked down.
>> You've done that checklist for me.
>> Exactly, you deploy and to isolate it.
It's like there you go, checklist is done.
>> Very cool. Is this available now?
>> By the time this airs, yes.
It will be available now.
And actually, again, you're seeing the portal live.
So it's already there and up and running.
>> Very cool.
All right, I'm learning all kinds of things about isolated
App Services, here on Azure Friday.
[MUSIC]
For more infomation >> Carmelo Anthony trade to Cavaliers - Duration: 11:29. 
For more infomation >> Benefits of being an Exclusive Traveler Club Member. - Duration: 1:12. 
For more infomation >> Björk - I See Who You Are (Sub) - Duration: 4:23. 
Không có nhận xét nào:
Đăng nhận xét