On a long weekend, the noble dons had absolutely nothing to do except to visit very wealthy moles and count.
So it was decided to count: is the cloud the way to go, taking Azure and Office 365 as the example; why so many people move there; what the pros and cons are. What to read, where to dig, and where the shovels are kept.
Just before the new year, a holy war broke out: Microsoft released the Azure TCO Calculator, and VMware said “you're lying”, which you can read about in detail here.
TL;DR - All the same, it turns out to be a little expensive, but it is also full of advantages. A server made of matches and acorns, with software on a wooden leg and a lover of commemorating comrade V. instead of a system administrator, will of course be cheaper.
The text came out chaotic, because one thing was planned and another came out.
Theory
T1. Introduction
T2. Basic (starting) configuration.
T3. What services can be transferred or reserved in the cloud at the initial stage and what is the use of it.
T4. The resulting configuration.
T5. Training courses that must be completed to achieve the resulting configuration.
T6. Estimate the cost for virtual machines.
T7. Estimate the cost for virtual disks.
T1. Introduction
If a young, dynamically developing firm has its own software-defined data center in the office (1), a number of problems arise. The main one is that most of what defines this data center is defined in the well-known yellow program, for which there are no proper testing methods or methodologies, except for one product beginning with G, with recommendations of the same quality and from the same producer (2). But let's not talk about sad things, especially in a virtualization context.
When operating something bigger (and, most importantly, within the licensing rules), there are costs for everything:
- electricity (including UPS).
- cooling (maintenance of air conditioners).
- security (fireproof doors, fire extinguishing - Novec 1230, access control).
- licenses for connection / client access (CAL) for every sneeze.
Of course, the costs must include the hardware itself, and spare parts, operating costs, a system for reporting failures (monitoring of all systems as a whole).
If the systems are not assembled from matches and acorns, then it is still worth looking at the cost of purchasing additional support: NBD (next business day) support can be priced completely beyond reason.
On top of that, there is the need for a person who arrives "right now", who does not drink, does not smoke, and is on duty on holidays.
And I have not yet turned to the issue of licensing and setting up applications at startup, and the question of supporting the service beyond launch.
Of course, if you already have a separate team, everything is licensed and purchased, and the budget is formed, then there is nothing to discuss "right now". The same goes if the idea of licensing leaves you indifferent.
If things are not so simple, then it is worth thinking about (and counting) the following: say that after 2-3 years (the depreciation period of the existing equipment, including the batteries in the UPS and the freon in the air conditioners) we decide to calculate how much a move to the cloud will cost, what risks it adds / removes, and how to live with it.
The options for deploying all kinds of clouds are now ... easier to list:
- Own near-cloud - 1..10 servers in a VMware / Hyper-V / KVM-openstack cluster (3)
- A hybrid structure with the possibility of backup deployment in the cloud.
- Fully cloud deployment. It seems that even Apple does not live in its own data centers.
T2. Basic (starting) configuration
For example, take a small firm whose main tasks (business) are far from IT. What services have they deployed?
- AD and everything nearby (certificates, trusts, federation is possible)
- Exchange (including some antispam, if they do not use cloud) - including with remote access (OWA + office)
- File server
- remote access to systems (Anyconnect, RRAS, OpenVPN, and so on)
- bookkeeping and other accounting
- Various ConsultantPlus-type and other reference systems (Tech-expert), HR systems like E-Staff Recruiter (4) and so on.
- the main working tool (from auto stocks to inventory and cash)
- Internet access
- access and control systems, other service systems (UPS, access control, monitoring, video surveillance (CCTV - Closed Circuit Television), backup, etc.).
T3. What services can be moved or reserved in the cloud at the initial stage and what is the use of it
Personally, I think the easiest thing is to move at least AD as a service into the Azure cloud, and perhaps e-mail. File server: not sure. Moving a file server is a big question, first because of the communication channels and second because of how to organize backup.
Here is a price tag and a long read about Azure AD.
The main disadvantages after the first reading:
- it is not clear how to manage it and replicate with the main DC.
- it is absolutely not clear how to back it up.
- according to this table (above) the price per month is not clear.
- the update model is not clear, for example how WSUS for virtual machines is tied to the policies of the main organization, and whether it is needed at all.
Of course, there is a free trial version of Azure Active Directory Premium for one month.
But this is only a month, and then what? Proper training and self-study need a subscription to some kind of cloud mini lab. Of course, there is Azure Spark (or whatever this subscription is called), and there is training (6).
There are courses, but with a subscription everything is not obvious. There is Visual Studio Enterprise with MSDN (NFR), but it is not free.
E-mail is easier: migration to Office 365 is described, for example, here.
T4. Resulting configuration
The resulting configuration is a hybrid:
- One DC on the ground (on-premise), one in a virtual machine in Azure and one in Azure
- A small file server in Azure. Of course, you could have a big one, but then you have to deploy something like RDP Azure, to say nothing of prepress, construction and similar systems (all those Adobe InDesign, Synchro, Autodesk Revit, and other NX / Unigraphics packages with files of 50 GB or so).
- Backups on the ground (on-premise)
- Duplicate mailboxes (2 pieces) in Office 365, in another mail domain, but somehow synchronized with the ground.
- Connection to Azure - VPN or ExpressRoute (but this is not for the RF): one, two.
T5. Training courses that must be completed to achieve the resulting configuration
Everything is very bad. “Getting started with free online courses” is written in plain Russian on the page, but it sends you to Managing Infrastructure with Microsoft Azure - Getting Started, where there is a free watch button on Pluralsight. Personally, I would be more comfortable watching on YouTube, but no. Sadness and trouble.
But, for example, the Azure Channel 9 content is partly on YouTube, and you can download the videos.
True, there is Udemy - also in English.
So training in Russian is still in a sad state, and not every home-grown architect will manage. But there is a solution - e-books (EPUB, MOBI, PDF) on Windows Azure in Russian! one, two.
Windows Azure internals (in Russian).
Here you should also see: Selection of the best online courses on Microsoft Azure.
There are (in Russian) meetings from COMPAREX, a couple of times a year, for example one, two. In general, it is worth looking often at blogs.technet.microsoft.com/rutechnews and azurenotes.tech/ServiceNotes.
The problem is that there is no single course / pill.
T5.-2. Connecting to the ground
It's simple: ICND1 + ICND2 + CCNA Security + LiftMeUp + Wendell Odom.
And a separate new topic: Azure NSG - Network Security Group (NSG), and also Azure Network Security Groups (NSG) - Best Practices and Lessons Learned.
T6. Cost estimate
Everything is very bad. Just got to this point, and it had already been laid out. New Year's holy war: Microsoft released the Azure TCO Calculator, and VMware said “you're all lying” - see (7) below.
The truth, as usual, is somewhere in a different plane. For a somewhat developed infrastructure, one would need to have a vSphere Distributed Switch, and this means a vSphere Enterprise Plus license, whose price tag is completely exorbitant, and it is generally worth considering buying MS Server 2016 Datacenter.
In addition, this cost estimate is in no way connected with attempts to assess the total (including electricity and air conditioning) cost of ownership of equipment on the ground, and this is not to mention the risks listed in the article “9.5 rules for safe IT business in Russia”.
You can count "very roughly." Let a physical server for 50 (virtual) machines consume 500 watts, 10 watts per virtual machine, 240 watts / day (plus cooling 30%, but we will not consider it yet), 7 kW * h per month, 5 rubles / kW * h, 35 rubles per month, 420 per year.
The cost of licenses is more complicated. Let's say we have 40 cores (2 * 20) and we are licensed for Win Datacenter:
$ 6,155 for the first 16 cores (6155 * 60 = 369300, rounded 370)
www.microsoft.com/ru-ru/cloud-platform/windows-server-pricing
plus (40-16 = 24 cores not licensed, in packs of 2 cores = 12 packs)
- 9EA-00128 WinSvrDCCore 2016 SNGL OLP NL 2Lic CoreLic = 40000 * 12 = 480000.
Total 370 + 480 = 850 thousand per 5 years, 170 / year, 3400 per machine.
Conditionally, for 5 years, per year, and with 50 machines per physical host - 3246.32 per virtual machine.
Sample
Of course, it would be necessary to add expenses for disks and server depreciation (the same 5 years). Let the server cost ... an HP DL360 Gen9 server is from 250 thousand, without disks. Per year - 50.000, per machine - 1000.
Disks - a 697574-B21 Gen8 HP 1.2T 10K 2.5 SAS costs about 20 thousand rubles, so 60 GB of capacity (for the AD role only) will cost 20/20 - 1000 rubles, but you need 2 disks for 5 years, and taking RAID10 into account the price coefficient will be 4, so 60 GB will cost 4000 rubles.
Total: 400 + 3400 + 1000 + 4000 = 8800 per year for 5 years.
A B2S machine will cost $ 52 per month, the S6 disk (64 GB) is another 5, and with the other expenses that the calculator counts it comes to $ 58-60 per month, or (ta-dam) $ 720, or (at a rate of 60) 43200 / year.
So Azure costs almost 5 times more than its own ground server.
BUT, there are methods against Kostya Saprykin. For example, if we need fault tolerance, then we will have to license all the cores on a second identical server and store another copy there (via vSAN or Storage Spaces), which simply doubles the cost of the solution. And if everything is done on top of VMware, moreover on top of vSphere Enterprise Plus, and vSAN is purchased separately as well, then the price tag will be even more exorbitant. If the disks are in a disk shelf (and not just crammed into the server), then the depreciation of the shelf has to be calculated too, and that is if it is directly connected, without a switch for a lot of money (10G cards on the latest Intel platform come in pairs out of the box).
All this apart from the fact that the neighboring (spare) machine must be ready to take the load, i.e. have a reservation of 50% (in the case of 2 machines), 3 - 30% and so on. All this is not counting CAL (although I did not look at the CAL topic in Azure). And all this at the rate of 50 virtual machines per host.
Addon:
You also need to compare with Amazon as a whole, and at the same time compare the cost of money. In the sense that we buy the server outright (and get CAPEX) or on credit (at fierce interest rates in the Russian Federation); licenses can be bought outright (see above about a loan), or perhaps in installments over 3 years (if it is not just 1 server, of course), and so on. CAPEX / OPEX - the topic seems to be simple, but no.
That is, it is necessary to sink a million per server + licenses into CAPEX, which at 10% profitability gives another 100,000 a year of lost profit, and if you take out a loan, then everything is very bad; anyone who has borrowed for a business knows what that is like.
Conclusion
It is necessary to consider each case individually, taking into account the costs of licensing, amortization, load reservation (unused capacity) and the cost of money (price of money / lost income / lending). Electricity, air conditioning and the cost of using (renting) the floor space can of course also be calculated, as well as the reserved capacity and depreciation of the UPS.
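The reasoning of T6 and the addon as an added sketch (not the author's own calculation): the per-machine figures from the text are put into a small model so the effect of a second host and of the cost of money can be recomputed. Assumptions: the disk figure is taken per year, as in the article's own total; electricity is the unrounded 420; fault tolerance is modelled as one host's capacity kept free and the data stored twice.

```python
"""Per-VM yearly cost model built from the article's T6 figures (rubles)."""

VMS_PER_HOST = 50           # article: 50 virtual machines per physical host
YEARS = 5                   # article: 5-year depreciation
LICENCE_RUB = 850_000       # article: 370 + 480 thousand for 40 cores
SERVER_RUB = 250_000        # article: HP DL360 Gen9 without disks
DISK_PER_VM_YEAR = 4_000    # article: 60 GB on RAID10, as used in its total
POWER_PER_VM_YEAR = 420     # article: 35 rubles per month
AZURE_PER_VM_YEAR = 43_200  # article: $ 720 per year at a rate of 60


def onprem_per_vm_year(hosts: int = 1, capital_rate: float = 0.0) -> float:
    """Yearly on-premise cost of one VM.

    hosts        -- identical hosts in the cluster; with more than one, the
                    capacity of one host stays free to absorb a failure
                    (assumption: N+1 sizing) and the data is kept twice.
    capital_rate -- yearly cost of money on the up-front purchase
                    (lost profit or loan interest), e.g. 0.10.
    """
    if hosts < 1:
        raise ValueError("at least one host is required")
    if capital_rate < 0:
        raise ValueError("capital_rate must not be negative")

    capex = SERVER_RUB + LICENCE_RUB                 # bought up front, per host
    host_year = capex / YEARS + capex * capital_rate
    usable_hosts = hosts - 1 if hosts > 1 else 1     # one host held in reserve
    usable_vms = usable_hosts * VMS_PER_HOST
    data_copies = 2 if hosts > 1 else 1

    host_bound = hosts * host_year / usable_vms      # licences + server + money
    power = POWER_PER_VM_YEAR * hosts / usable_hosts
    return host_bound + DISK_PER_VM_YEAR * data_copies + power


def azure_ratio(hosts: int = 1, capital_rate: float = 0.0) -> float:
    """How many times the Azure VM costs more than the on-premise one."""
    return AZURE_PER_VM_YEAR / onprem_per_vm_year(hosts, capital_rate)


if __name__ == "__main__":
    for hosts, rate in [(1, 0.0), (2, 0.0), (2, 0.10), (3, 0.10)]:
        cost = onprem_per_vm_year(hosts, rate)
        print(f"hosts={hosts} rate={rate:.0%}: {cost:,.0f} rub/VM/year, "
              f"Azure is {azure_ratio(hosts, rate):.1f}x")
```

With one host and no cost of money the model reproduces the roughly fivefold gap from the text; with two hosts and a 10% cost of money the gap shrinks to about two.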
T7. Cost Estimate for Virtual Disks
Let's try to count for a disk shelf / space in Azure. Let's start with the inputs: we have no IOPS requirements, we need “just about 9-10 TB”. Let's take the simplest shelf - HPE MSA 1040, with 10G, or rather HPE MSA 1040 2-port 10G iSCSI Dual Controller SFF Storage (E7W04A)
Configuration:
1 Chassis MSA 1040/1050 SFF 2U (WxDxH: 48.26 x 49.5 x 8.9 cm)
2 HPE MSA 1040/1050 1GbE iSCSI 2-port controller
(here I first made a mistake: I need E7W04A, and counted E7W02A - 1GbE iSCSI)
11 Hard Drive 1.8TB 2.5 '' (SFF) SAS 10K 12G 512e Hot Plug DP for MSA2040 / 1040
We will build R10 from this and reserve 1 disk as a hot spare. We get 10 working disks, R10 = 1.8 * 5 = 9 TB. Building R5 for such volumes is not a very good solution (long rebuild, the risk of losing 1 more disk during the rebuild), so you can also build the slow R6 (10-2 = 8) = 14.4 TB. For further recalculation of the price per terabyte, the coefficient will be 14.4 / 9 = 1.6.
Price (itelon) - Price: ~ $ 12,807.00 ~ 738,067.41 (the price is mistakenly taken from E7W02A - 1GbE iSCSI, instead of E7W04A)
The STSS configurator for the same configuration (E7W04A, 11 disks) says that the price will be 994 375.00 rubles. You can call it a million. But maybe HPE will give us a discount.
There is no indication of the cost of the support subscription (see below), so we will change the disks ourselves, and pray that the controllers and power supplies do not die. Otherwise, budget 20-30% of the purchase price per year; over 5 years that is 100% (double, yeah).
From my personal experience, in 5 years all the disks will be replaced; they usually do not live for more than 3-4 years (although live 36 GB disks were seen last year, and colleagues say that disks can live 5-6 years. Okay, fine, but by the statistics I have now collected on disks purchased in 2012, no). This means that there will be not 11 disks but 22, and the price tag will be
Price: ~ $ 20 848.00 ~ 1 201 470.24
But these are expensive drives (SAS 10K), let's do some penny-pinching:
11 Hard Drive 2TB 2.5 '' (SFF) NL-SAS 7.2K 12G 512e Hot Plug DP for MSA2040 / 1040
Price: ~ $ 11 531.00 ~ 664 531.53
22 disks -
Price: ~ $ 18,296.00 ~ 1,054,398.48
(Note. The 10G config on STSS came out at 1.4 million, including HP Service for 3 years. Schedule 9x5. Start of repair on the next working day at the installation site. (NBD, on-site). Disks calculated - HDD 2000GB SAS 12G 7200rpm Hot Plug SFF 512e (1 year warranty).)
So we start from a price of 18500 / 1.100.000 (rounding it up a bit), for 10 TB in R10 and 16 in R6, for 5 years. Per year (excluding electricity, air conditioning and other OPEX / CAPEX), depreciation comes to 3700 / 220.000.
(Note. The calculation above was performed for the 1G controller. For 10G, it will be 1.400.000 / 5 = 280.000., 27% more expensive).
This, I note, is not the easiest and cheapest storage with 10G interfaces. If you do not go for a SAN but stay on NAS / iSCSI, there is, say, the relatively cheap QNAP 12 Bay NAS / iSCSI IP-SAN, Intel Skylake Core i5 3.6GHz Quad Core, 16GB RAM, 10G-ready (TVS-1282-i5-16G-US). But again, some of these storage systems are only 10G-ready (you need to buy two network cards separately), and you need to look at how many disk controllers and power supply units there actually are.
Azure price tag
azure.microsoft.com/en-ru/pricing/details/storage
azure.microsoft.com/en-ru/pricing/details/storage/blobs
Let's start with blob
Western Europe, LRS, hot tier - the first 50 TB per month at 1.23 RUB per GB.
Terabyte (* 1024) = 1259.52 per month, 10 TB - 12,600 per month, 151,200 per year. That is cheaper, though.
Let's look at unmanaged standard class drives.
azure.microsoft.com/en-ru/pricing/details/storage/unmanaged-disks
LRS - 2.82 RUB per GB, 28900 for 10 TB per month, 346 thousand per year (against 280 in the calculation above)
Calculator for Western Europe / LRS / file storage - says about 38,400.00 ₽ for 10 TB per month, plus for 10t for 10t operations (I do not know how relevant it is) -
The subtotal is $ 58,087.50, or almost 700,000 per year.
Three times more expensive than your own R10 storage, or 5 times compared with R6.
MUCH MORE. No saving on personnel is visible with this volume of tasks.
With such a difference in the price list, neither.
On the other hand, MS provides 2-3 storage replicas and guaranteed availability of services, plus migration, if necessary, to another data center, plus efficiency. On a standard storage system, you cannot just buy “one more shelf and disks for a million” - you need a budget, approvals, etc., plus delivery, mounting and commissioning. See above about CAPEX / OPEX.
Conclusion:
When calculating without taking into account the cost of money and the speed of scaling and migration, Azure is more expensive than your own mini-cloud. As soon as there is an opportunity and a need for flexible volume management and risk management (see 9.5 rules), Azure can be quite comparable in price to a classical solution, which moves the question of choice into the political plane, for example by adding AWS, Azure Stack and, let's say, IBM Bluemix.
The opinion of colleagues about the disks and the cost, quoted as is:
Over 13 system-years on Hitachis (both are already out of warranty), I had no more than a quarter of the disks fail. On a more recent Hitachi HUS110, 1-2 failures (well, I do not remember how many there were, from 2 to 4) per shelf in 4 years. That is less than 10%. In its first two years of life, the 3PAR lost exactly zero disks out of 72.
From other calculations. Of course, the TCO calculation in my household is, alas, a back-of-the-napkin one (but I'm working on it), but the approximate, by-eye cost of a terabyte of R5-10K (yes, from poverty, from greed, in configurations from 3 + 1 to 5 + 1) is $ 3K for 5 years, that is, 600 per year or 50 per month.
In my opinion, this VSAN of ours gives roughly the same figure, but already in the R5-SSD version. Taking into account:
- Advanced type licenses
- additional 10 Gbit cards and DA-cables to ToR-switches
- Replacing a pair of ToR switches at 10G
- Mix Use SSD at the cache level
- Deduplication + compression 2:1, because the license is Advanced and All-flash (according to estimates, the promised 3:1 should come out there, but it will not hurt to budget conservatively). If you believe how Veeam deduplicates backups, 4:1 can happen there.
- R5 3 + 1. Appeared in a recent version of VSAN and only for Advanced and All-flash. Now you have a choice of network R10 (1 + 1), R5 (3 + 1) or R6 (4 + 2) for each machine, as was once in LeftHand. Well, that is, it is a little more complicated, there Failures to Tolerate and all that, but the idea is this.