您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

查看计算选项Review your compute options

在为云采用做好准备时,需要考虑一个重要事项:确定用于托管工作负荷的计算要求。Determining the compute requirements for hosting your workloads is a key consideration as you prepare for your cloud adoption. Azure 计算产品和服务支持各种工作负荷计算场景和功能。Azure compute products and services support a wide variety of workload computing scenarios and capabilities. 如何配置登陆区域环境以支持计算要求取决于工作负荷的治理、技术和业务要求。How you configure your landing zone environment to support your compute requirements depends on your workload's governance, technical, and business requirements.

确定计算服务要求Identify compute services requirements

作为登陆区域评估和准备的一部分,需要确定登陆区域需要支持的所有计算资源。As part of your landing zone evaluation and preparation, you need to identify all compute resources that your landing zone will need to support. 此过程涉及评估构成工作负荷的每个应用程序和服务,以确定计算和托管要求。This process involves assessing each of the applications and services that make up your workloads to determine your compute and hosting requirements. 确定并记录要求后,可以为登陆区域创建策略,以便根据工作负荷需求控制允许的资源类型。After you identify and document your requirements, you can create policies for your landing zone to control what resource types are allowed based on your workload needs.

对于将要部署到登陆区域环境的每个应用程序或服务,请使用以下决策树作为起点来帮助确定计算服务要求:For each application or service you'll deploy to your landing zone environment, use the following decision tree as a starting point to help you determine your compute services requirements:

Azure 计算服务决策树关系图。

图1: Azure 计算服务的决策树。Figure 1: An Azure compute services decision tree.

定义:Definitions:

  • "直接迁移" 是一种将工作负载迁移到云的策略,无需重新设计应用程序或进行代码更改。"Lift and shift" is a strategy for migrating a workload to the cloud without redesigning the application or making code changes. 也称“重新托管”。Also called rehosting. 有关详细信息,请参阅 Azure 迁移中心。For more information, see Azure migration center.
  • "云优化" 是一种通过重构应用程序来迁移到云以利用云本机特性和功能的策略。"Cloud-optimized" is a strategy for migrating to the cloud by refactoring an application to take advantage of cloud-native features and capabilities.

此流程图的输出是一个要考虑的起点。The output from this flowchart is a starting point for consideration. 接下来,对服务执行更详细的评估,查看其是否满足你的需求。Next, perform a more detailed evaluation of the service to see if it meets your needs.

备注

详细了解如何在 Azure 应用程序体系结构指南中评估适用于每个应用程序或服务的计算选项。Learn more about how to assess compute options for each of your applications or services in the Azure application architecture guide.

主要问题Key questions

请回答以下有关工作负荷的问题,这样有助于你根据 Azure 计算服务决策树做出决策:Answer the following questions about your workloads to help you make decisions based on the Azure compute services decision tree:

  • 是要构建全新的应用程序和服务,还是从现有的本地工作负荷迁移?Are you building net-new applications and services or migrating from existing on-premises workloads? 开发新应用程序作为你的云采用工作的一部分,使你能够充分利用设计阶段的新式基于云的托管技术。Developing new applications as part of your cloud adoption efforts allows you to take full advantage of modern cloud-based hosting technologies from the design phase moving forward.
  • 如果要迁移现有的工作负荷,它们能否利用新式云技术?If you're migrating existing workloads, can they take advantage of modern cloud technologies? 迁移本地工作负荷需要分析。Migrating on-premises workloads requires analysis. 你是否可以轻松优化现有的应用程序和服务以利用新式云技术,或者能否更好地改善工作负载?Can you easily optimize existing applications and services to take advantage of modern cloud technologies, or will a lift-and-shift approach work better for your workloads?
  • 你的应用程序或服务是否可以利用容器?Can your applications or services take advantage of containers? 如果你的应用程序适用于容器化托管,则可以利用 Azure 中的容器服务提供的资源效率、可伸缩性和业务流程功能。If your applications are good candidates for containerized hosting, you can take advantage of the resource efficiency, scalability, and orchestration capabilities provided by container services in Azure. Azure 托管磁盘azure 文件均可用于容器化应用程序中的持久存储。Both Azure managed disks and Azure Files can be used for persistent storage in containerized applications.
  • 你的应用程序是基于 web 还是基于 API 的,它们是否使用 PHP、ASP.NET、Node.js 或类似的技术?Are your applications web- or API-based, and do they use PHP, ASP.NET, Node.js, or similar technologies? Web 应用可以部署到托管的 Azure 应用服务实例,因此,无需出于托管目的而保留虚拟机。Web apps can be deployed to managed Azure App Service instances, so you don't have to maintain virtual machines for hosting purposes.
  • 是否需要完全控制工作负荷的操作系统和托管环境?Will you require full control over the OS and hosting environment of your workload? 如果需要控制托管环境,包括操作系统、磁盘、本地运行的软件和其他配置,可以使用 Azure 虚拟机来托管你的应用程序和服务。If you need to control the hosting environment, including OS, disks, locally running software, and other configurations, you can use Azure Virtual Machines to host your applications and services. 除了选择虚拟机大小和性能层以外,与虚拟磁盘存储有关的决策将影响与基础结构即服务工作负荷相关的性能和 Sla。In addition to choosing your virtual machine sizes and performance tiers, your decisions regarding virtual disk storage will affect performance and SLAs related to your infrastructure as a service workloads. 有关详细信息,请参阅 Azure 磁盘存储 文档。For more information, see the Azure disk storage documentation.
  • 工作负荷是否会涉及高性能计算 (HPC) 功能?Will your workload involve high-performance computing (HPC) capabilities? Azure Batch 以平台服务的形式提供作业计划和计算资源自动缩放,从而可以方便地在云中运行大规模的并行 HPC 应用程序。Azure Batch provides job scheduling and autoscaling of compute resources as a platform service, so it's easy to run large-scale parallel and HPC applications in the cloud.
  • 应用程序是否将使用微服务体系结构?Will your applications use a microservices architecture? 使用基于微服务的体系结构的应用程序可以利用多种优化计算技术。Applications that use a microservices-based architecture can take advantage of several optimized compute technologies. 事件驱动的独立式工作负荷可以使用 Azure Functions 来生成无需基础结构的可缩放、无服务器应用程序。Self-contained, event-driven workloads can use Azure Functions to build scalable, serverless applications that don't need an infrastructure. 对于需要更好地控制微服务运行环境的应用程序,可以使用容器服务,如 Azure 容器实例Azure Kubernetes 服务Azure Service FabricFor applications that require more control over the environment where microservices run, you can use container services like Azure Container Instances, Azure Kubernetes Service, and Azure Service Fabric.

备注

大多数 Azure 计算服务与 Azure 存储结合使用。Most Azure compute services are used in combination with Azure Storage. 请参阅存储决策指南了解相关的存储决策。Consult the storage decisions guidance for related storage decisions.

常见计算方案Common compute scenarios

下表介绍了几种常见的使用场景和用于处理这些场景的建议计算服务:The following table illustrates a few common use scenarios and the recommended compute services for handling them:

方案Scenario 计算服务Compute service
我需要使用选择的配置在几秒钟内预配 Linux 和 Windows 虚拟机。I need to provision Linux and Windows virtual machines in seconds with the configurations of my choice. Azure 虚拟机Azure Virtual Machines
我需要通过自动缩放实现高可用性,在几分钟内创建数千个 VM。I need to achieve high availability by autoscaling to create thousands of VMs in minutes. 虚拟机规模集Virtual machine scale sets
我需要简化 Kubernetes 的部署、管理和操作。I want to simplify the deployment, management, and operations of Kubernetes. Azure Kubernetes 服务 (AKS)Azure Kubernetes Service (AKS)
我需要使用事件驱动的无服务器体系结构来加快应用程序开发。I need to accelerate application development by using an event-driven serverless architecture. Azure FunctionsAzure Functions
我需要在 Windows 和 Linux 上开发微服务和安排容器。I need to develop microservices and orchestrate containers on Windows and Linux. Azure Service FabricAzure Service Fabric
我想使用完全托管的平台快速创建用于 web 和移动的云应用程序。I want to quickly create cloud applications for web and mobile by using a fully managed platform. Azure 应用服务Azure App Service
我想容器化应用程序并使用单个命令轻松运行容器。I want to containerize applications and easily run containers by using a single command. Azure 容器实例Azure Container Instances
我需要够扩展到数十、数百或数千台虚拟机的云规模作业计划和计算管理。I need cloud-scale job scheduling and compute management with the ability to scale to tens, hundreds, or thousands of virtual machines. Azure BatchAzure Batch
我需要创建高度可用、可缩放的云应用程序和 Api,可帮助我将精力集中在应用程序而不是硬件上。I need to create highly available, scalable cloud applications and APIs that can help me focus on applications instead of hardware. Azure 云服务Azure Cloud Services

区域可用性Regional availability

利用 Azure,你可以在 任何位置 按需交付服务,以满足你的客户和合作伙伴的需要。Azure lets you deliver services at the scale you need to reach your customers and partners wherever they are. 规划云部署的一个关键因素是确定将托管工作负荷资源的 Azure 区域。A key factor in planning your cloud deployment is to determine which Azure region will host your workload resources.

某些计算选项(如 Azure App Service)在大多数 Azure 区域中已正式发布,而其他计算服务仅在特定区域受支持。Some compute options such as Azure App Service are generally available in most Azure regions while other compute services are supported only in certain regions. 某些虚拟机类型及其关联的存储类型具有有限的区域可用性。Some virtual machine types and their associated storage types have limited regional availability. 在决定要将计算资源部署到的区域之前,建议你参阅 " 区域" 页 ,以检查区域可用性的最新状态。Before you decide the regions to which you will deploy your compute resources, we recommend that you refer to the regions page to check the latest status of regional availability.

若要了解有关 Azure 全球基础结构的详细信息,请参阅 azure 区域页To learn more about the Azure global infrastructure, see the Azure regions page. 你还可以查看 按区域提供的产品 ,获取有关每个 Azure 区域中可用的总体服务的特定详细信息。You can also view products available by region for specific details about the overall services that are available in each Azure region.

数据驻留和合规性要求Data residency and compliance requirements

你的工作负荷通常需要遵守与数据存储相关的法律和合同要求。Legal and contractual requirements related to data storage often will apply to your workloads. 这些要求可能因组织位置、存储和处理文件和数据的管辖权地以及适用的业务部门而异。These requirements might vary based on the location of your organization, the jurisdiction where files and data are stored and processed, and your applicable business sector. 需要考虑的数据义务组成部分包括:数据分类、数据位置和责任共担模型下各自的数据保护责任。Components of data obligations to consider include data classification, data location, and the respective responsibilities for data protection under the shared responsibility model. 许多计算解决方案依赖于链接的存储资源。Many compute solutions depend on linked storage resources. 此要求还可能会影响计算决策。This requirement also might influence your compute decisions. 有关了解这些要求的帮助,请参阅 通过 Azure 实现符合性数据派驻服务和安全性的白皮书。For help with understanding these requirements, see the white paper achieving compliant data residency and security with Azure.

合规性工作部分可能包括,控制计算资源的实际位置。Part of your compliance efforts might include controlling where your compute resources are physically located. Azure 区域分为多个组,称为地理位置。Azure regions are organized into groups called geographies. Azure 地理位置可确保在地理和政治边界内遵守数据驻留、主权、合规性和复原能力要求。An Azure geography ensures that data residency, sovereignty, compliance, and resiliency requirements are honored within geographical and political boundaries. 如果你的工作负荷需要遵守数据主权或其他合规性要求,你必须将存储资源部署到合规 Azure 地理位置中的区域。If your workloads are subject to data sovereignty or other compliance requirements, you must deploy your storage resources to regions in a compliant Azure geography.

为计算服务建立控件Establish controls for compute services

准备登陆区域环境时,可以建立用于限制每个用户可以部署的资源的控件。When you prepare your landing zone environment, you can establish controls that limit what resources each user can deploy. 这些控件可以帮助你管理成本和限制安全风险,同时仍允许开发人员和 IT 团队部署和配置支持工作负荷所需的资源。The controls can help you manage costs and limit security risks while still allowing developers and IT teams to deploy and configure resources that are needed to support your workloads.

确定并记录登陆区域的要求后,可以使用 Azure Policy 来控制允许用户创建的计算资源。After you identify and document your landing zone's requirements, you can use Azure Policy to control the compute resources that you allow users to create. 控件可以采用允许或拒绝创建计算资源类型的形式。Controls can take the form of allowing or denying the creation of compute resource types. 例如,可以将用户限制为仅创建 Azure 应用服务或 Azure Functions 资源。For example, you might restrict users to creating only Azure App Service or Azure Functions resources. 还可以使用策略来控制创建资源时允许的选项,例如限制可以预配的虚拟机 SKU只允许特定的 VM 映像You also can use policy to control the allowable options when a resource is created, like restricting what virtual machine SKUs can be provisioned or allowing only specific VM images.

策略可划分为资源、资源组、订阅和管理组。Policies can be scoped to resources, resource groups, subscriptions, and management groups. 你可以在 Azure 蓝图 定义中包含策略,并将其重复应用到整个云场所。You can include your policies in Azure blueprint definitions and apply them repeatedly throughout your cloud estate.