您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

登陆区域注意事项Landing zone considerations

登陆区域是任何云采用环境的基本构建块。A landing zone is the basic building block of any cloud adoption environment. “登陆区域”一词是指一个环境,该环境已进行预配和准备,可以在云环境(例如 Azure)中托管工作负荷。The term landing zone refers to an environment that's been provisioned and prepared to host workloads in a cloud environment like Azure. 迭代使用云采用框架的就绪方法,最终的可交付成果就是一个功能完全正常的登陆区域。A fully functioning landing zone is the final deliverable of any iteration of the Cloud Adoption Framework's Ready methodology.

登陆区域注意事项 图1:登陆区域注意事项。Landing zone considerations Figure 1: Landing zone considerations.

此图显示在实施任何登陆区域部署时的主要注意事项。This image shows the major considerations for implementing any landing zone deployment. 这些注意事项可分为三类:托管、Azure 基础、治理。The considerations can be broken into three categories or types of considerations: hosting, Azure fundamentals, and governance.

托管注意事项Hosting considerations

所有登陆区域都为托管选项提供结构。All landing zones provide structure for hosting options. 可以通过治理控制显式创建该结构,也可以通过采用登陆区域中的服务有组织地进行创建。The structure is created explicitly through governance controls or organically through the adoption of services within the landing zone. 在通过蓝图或其他自动化脚本创建登陆区域时,如果需要进行决策,可以阅读以下文章:The following articles can help you make decisions that will be reflected in the blueprint or other automation scripts that create your landing zone:

  • 计算决策:为了将操作复杂性降到最低,请将计算选项与登陆区域的用途对齐。Compute decisions: To minimize operational complexity, align compute options with the purpose of the landing zone. 可以使用自动化工具链(如 Azure 策略计划和登陆区域)强制执行此决定。This decision can be enforced by using automation toolchains like Azure Policy initiatives and landing zones.
  • 存储决策:选择正确的 Azure 存储解决方案来支持工作负荷要求。Storage decisions: Choose the right Azure Storage solution to support your workload requirements.
  • 网络决策:选择 "网络服务"、"工具" 和 "体系结构" 以支持组织的工作负荷、监管和连接要求。Networking decisions: Choose networking services, tools, and architectures to support your organization's workload, governance, and connectivity requirements.
  • 数据库决策:确定最适合你的工作负荷要求的数据库技术。Database decisions: Determine which database technology is best suited for your workload requirements.

Azure 基础Azure fundamentals

每个登陆区域都是范围更广并可在整个云环境中组织资源的解决方案的一部分。Each landing zone is part of a broader solution for organizing resources across a cloud environment. Azure 基础是组织的基础构建块。Azure fundamentals are the foundational building blocks for an organization.

  • Azure 基本概念:了解用于在 Azure 中组织资源的基本概念和术语,以及概念彼此之间的关系。Azure fundamental concepts: Learn fundamental concepts and terms that are used to organize resources in Azure and how the concepts relate to one another.
  • 资源一致性决策指南:了解每个基础知识后,资源组织决策指南可以帮助您制定决定登陆区域的决策。Resource consistency decision guide: When you understand each of the fundamentals, the resource organization decision guide can help you make decisions that shape the landing zone.

治理注意事项Governance considerations

云采用框架的治理方法构成了一个对环境进行整体治理的流程。The Cloud Adoption Framework's Govern methodologies establish a process for governing the environment as a whole. 许多用例可能会要求你在每个登录区域的基础上做出监管决策。Many use cases might require you to make governance decisions on a per-landing-zone basis. 在许多情况下,将在每个平台上强制实施调控基准,即使基准是建立的整体。In many scenarios, governance baselines are enforced on a per-landing-zone basis even though the baselines are established holistically. 这适用于组织部署的头几个登陆区域。It's true for the first few landing zones that an organization deploys.

若要就登陆区域进行与治理相关的决策,可参阅以下文章。The following articles can help you make governance-related decisions about your landing zone. 可以根据每项决策来确定治理基线。You can factor each decision into your governance baselines.

  • 成本要求。Cost requirements. 可能需要针对登陆区域更改各种成本管理配置,具体取决于组织采用云的动机以及对其环境所做的运营承诺。Based on an organization's motivation for cloud adoption and operational commitments made about its environment, various cost management configurations might need to be changed for the landing zone.
  • 监视决策。Monitoring decisions. 可以根据登陆区域的运营要求部署各种监视工具。Depending on the operational requirements for a landing zone, various monitoring tools can be deployed. 若要确定最适用于部署的工具,可参阅监视决策文章。The monitoring decisions article can help you determine the most appropriate tools to deploy.
  • Azure 基于角色的访问控制。Azure role-based access control. Azure RBAC) 的 azure 基于角色的访问控制 (为围绕用户角色组织的资源提供基于组的精细访问管理。Azure role-based access control (Azure RBAC) offers fine-grained, group-based access management for resources that are organized around user roles.
  • 策略决策。Policy decisions. Azure 蓝图示例提供预先制作的符合性蓝图,每个都有预定义的策略计划。Azure Blueprints samples provide premade compliance blueprints, each with predefined policy initiatives. 策略决策告知系统根据你的要求和约束选择最佳的蓝图或策略计划。Policy decisions help inform a selection of the best blueprint or policy initiative based on your requirements and constraints.
  • 创建 混合云一致性Create hybrid cloud consistency. 创建混合云解决方案,让组织既能充分利用云创新,又能保留本地管理的许多便利。Create hybrid cloud solutions that give your organization the benefits of cloud innovation while maintaining many of the conveniences of on-premises management.