In Part 2, we will take a closer look at the experience of this solution, already running in Windows Azure, and at the changes that were announced early in June. This is to help you better understand Windows Azure in general, to be able to use it in your strategy, and to explain the long-term goal of a common experience in cloud computing, whether it’s on-premise or public.
Windows Azure used to be PaaS only, until recently.
I have blogged several times about Windows Azure and that it’s PaaS and not IaaS, even with the VM Role in mind.
A bit of history:
In the early beginning in 2007, Windows Azure only supported ASP.NET for the front-end and .NET in the back-end, and was ideal for running Microsoft-based code in the cloud and taking advantage of Microsoft’s scalable datacenters. The only thing the developer had to focus on was writing code.
Based on feedback from customers, Microsoft had to open up a bit to support various workloads. People wanted to move to cloud computing but didn’t have the time or effort necessary to perform the transition. And of course, cost was a huge question as well.
In fact, if you needed to create a hybrid solution back then, you had to code everything. This also included the Service Bus for being able to communicate with on-premise resources or other roles in the cloud. Back in 2010 during PDC, Microsoft announced several new features like VM Role, Azure Connect and Admin mode, among others.
Immediately, people assumed that this was IaaS.
To make a long story short: someone tried to move their VMs to Windows Azure (through Visual Studio, which they should have considered odd) and connected their VMs to on-premise resources by installing Azure Connect on their domain controller (also odd).
Things were running for a while, not fast as lightning but it did work, until Windows Azure reset the image they uploaded. The reason for this was that the VM Role was stateless only.
The whole idea behind the VM Role was to make it easier to move existing applications that also required some manual configuration prior to launching the code for their applications. The developers knew this and were happy, but the IT pros who misunderstood the concept failed beyond recognition. The real key to understanding all this is to know cloud computing and its service models. PaaS is very different from IaaS when it comes to responsibility and functionality in the cloud stack. A rule to remember: if things are able to scale out, then it is stateless.
So what did change in June this year?
- Windows Azure is now also considered an IaaS cloud
That said, the long-term goal for your applications should be to be able to run in a PaaS environment, which is considered the most effective and modern pattern. But you now have an option for your server applications when using IaaS, since IaaS serves up to the OS layer of the cloud stack. This means you can put whatever you want into your OS, and that IaaS is basically virtual machines, the most flexible service model in cloud computing.
Comparison of Virtual Machines (IaaS) vs. VM Role
- Virtual Machine has persistent storage, including the system partition
- VM Role gives you a stateless VM with pre-packaged applications for advanced setup of applications
IaaS in Windows Azure introduces the following:
- Support for key server applications
- Easy storage manageability
- High availability features
- Advanced networking
- Integration with PaaS (as ‘Cloud Services’ in the new portal)
For those of us who have been working with infrastructure in general and private cloud, we know what this means. But we still need to dive into the PaaS offering in Windows Azure, although we’re not developers. The reason why I am saying this is that Windows Azure has a goal to deliver the same capabilities with its IaaS offering as with PaaS. This will include things such as VIP swap, fault domains and upgrade domains, affinity groups etc.
In the preview of the new Windows Azure portal you’ll find several images available.
- Windows Server 2008 R2
- Windows Server 2008 R2 with SQL Server 2012 Evaluation
- Windows Server 2012 Release Candidate
- Several versions of Linux
Virtual Machine Architecture in Windows Azure
There was a question about which storage to use for the persistent storage, and Microsoft decided to use what they already had available in Windows Azure Storage, by leveraging their Blobs, which also creates at least three replicas. Because they used their existing Blobs in Azure Storage, they had to make several improvements to the overall performance, as this was designed for PaaS. This has in turn led to greater performance for both PaaS and IaaS. (Amazon created a SAN solution for their VM storage.)
You will find both Disks and Images in Windows Azure.
An Image is a generalized VHD that you can clone and create VMs with.
Disks are the virtual hard disks associated with the VMs, as you are already familiar with through the concept of virtualization.
How many disks you can have attached to a single VM in Azure depends on the ‘VM Size’, like extra small, small, large and extra large. The good thing though is that you only pay for what you are using (yeah, it’s cloud computing), so all resources are dynamic.
By default, the OS disk in a VM uses ReadWrite disk caching; ReadOnly is also supported.
The data disks support None and ReadOnly, and the caching mode can be modified using the ‘Set-AzureOSDisk’ or ‘Set-AzureDataDisk’ cmdlets. To connect to a VM in Windows Azure, you must use the ‘Connect’ button in the Azure portal to initiate an RDP session, and use the admin login you specified during creation. If it’s a Linux operating system, you would use SSH to log on, with an SSH client that you install on your client computer.
Cloud Service Architecture in Windows Azure
The concept of PaaS in Windows Azure is now called ‘Cloud Service’ and consists of Web Roles and Worker Roles, which are running on VM instances.
In addition, when you create a stand-alone Virtual Machine in Windows Azure, it’s not bound to a cloud service. But when you are creating an additional VM, you can then find an option to bind those VMs into a cloud service. So in other words, you can add virtual machines to existing cloud services.
Each cloud service has its own virtual private network where its VMs and roles can see each other and don’t have to communicate through the public IP/DNS name. The drawback for the moment is that two different cloud services cannot communicate without going through the public IP/DNS name, but this is a feature that will come in the future (announced during TechEd).
Understanding High Availability in Windows Azure
SLA is an everlasting discussion between the vendor and the customer.
When we are talking about SLA, we are always thinking about ‘how many nines do we need’. Windows Azure gives you 99,95% availability if you are following the rules and have at least two instances for your roles, and 99,9% for a single role instance.
We have something called Fault Domains and Upgrade Domains in Windows Azure.
Fault Domains represent hardware faults (rack), and by default there are two fault domains for each role.
Update Domains represent how the roles are serviced during updates, and by default there are five update domains. You can create VM availability sets and spread the VMs across different fault domains.
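The effect of these defaults on a small deployment, as an added example that is not from the original post. It assumes a simplified round-robin placement model (instance i lands in fault domain i mod 2 and update domain i mod 5); the function names are hypothetical.

```python
FAULT_DOMAINS = 2    # default per role, as stated in the text
UPDATE_DOMAINS = 5   # default, as stated in the text


def place(instances):
    """Assumed model: instance i gets fault domain i % 2 and update domain i % 5."""
    return [(i % FAULT_DOMAINS, i % UPDATE_DOMAINS) for i in range(instances)]


def worst_case(instances):
    """Fewest instances still running under each kind of outage."""
    placed = place(instances)
    # One rack (fault domain) is lost.
    rack = min(sum(fd != f for fd, _ in placed) for f in range(FAULT_DOMAINS))
    # One update domain is taken down for servicing.
    update = min(sum(ud != u for _, ud in placed) for u in range(UPDATE_DOMAINS))
    # A rack is lost while an update domain is being serviced.
    both = min(sum(fd != f and ud != u for fd, ud in placed)
               for f in range(FAULT_DOMAINS) for u in range(UPDATE_DOMAINS))
    return {"rack_failure": rack, "update": update,
            "rack_failure_during_update": both}


if __name__ == "__main__":
    for n in (1, 2, 3, 6):
        print(n, worst_case(n))
```

A single instance has nothing left running in any of the three cases, and two instances survive a rack failure or an update but not both at once.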
Windows Azure Virtual Networking
As I wrote in the beginning of this article, you could connect your cloud applications with on-premise resources by using Service Bus or Azure Connect. The last alternative was not ideal from an IT pro’s perspective, as you would have to install this agent on your domain controller. So let’s take a closer look at the enhancements in the networking space in Windows Azure.
You now have full control over VM names and can also take advantage of the Windows Azure provided DNS server, and resolve VMs by name within the same cloud service. If you want to be able to have name resolution between virtual machines and role instances located in the same virtual network but different cloud services, you must use your own DNS server (more about that in a later blog post).
One of the biggest benefits of the Windows Azure DNS server is that you won’t get the degraded performance of looking up the public IP/DNS name when roles and VMs in the same cloud service must communicate. This leads to fewer hops, since they are now communicating on the same virtual network, using internal IPs/names.
As a ‘replacement’ for Azure Connect, Windows Azure Virtual Network enables you to design and create secure site-to-site connectivity and protected virtual networks in the cloud.
Define your own address space for virtual networks and virtual network gateways in the same manner as you would when working with branch offices.
We will not dive deep into all the details in this blog post, but you must take a moment and plan carefully when you are working with your network design, prior to publishing services and roles in Windows Azure. Consider the following:
- DNS design
- Address Space
- Supported VPN gateway devices
- Internet-accessible IP address for your VPN gateway device
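A pre-deployment check for the address-space and VPN device items in the list above, as an added example that is not from the original post. The plan layout, the `check_plan` name and all addresses are constructed for illustration, and the internet-accessibility test is a simplified one.

```python
import ipaddress

# Constructed sample plans; every name and address here is illustrative.
GOOD_PLAN = {
    "on_premises": ["10.1.0.0/16"],
    "virtual_network": ["10.4.0.0/16"],
    "subnets": {"frontend": "10.4.1.0/24", "backend": "10.4.2.0/24"},
    "vpn_device_ip": "203.0.113.10",
}
BAD_PLAN = {
    "on_premises": ["10.0.0.0/8"],
    "virtual_network": ["10.4.0.0/16"],
    "subnets": {"frontend": "10.4.1.0/24", "backend": "10.5.0.0/24"},
    "vpn_device_ip": "192.168.1.1",
}
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_plan(plan):
    """Return a list of problems found in a planned network design."""
    problems = []
    onprem = [ipaddress.ip_network(n) for n in plan["on_premises"]]
    vnet = [ipaddress.ip_network(n) for n in plan["virtual_network"]]
    subnets = {k: ipaddress.ip_network(v) for k, v in plan["subnets"].items()}

    # Ranges that overlap across the tunnel cannot be routed unambiguously.
    for v in vnet:
        for o in onprem:
            if v.overlaps(o):
                problems.append(f"overlap: {v} (virtual network) vs {o} (on-premises)")

    # Each subnet must lie inside the declared space and not collide with another.
    names = sorted(subnets)
    for i, name in enumerate(names):
        if not any(subnets[name].subnet_of(v) for v in vnet):
            problems.append(f"subnet {name} {subnets[name]} is outside the address space")
        for other in names[i + 1:]:
            if subnets[name].overlaps(subnets[other]):
                problems.append(f"subnets {name} and {other} overlap")
    # Simplified test: reject RFC 1918, loopback and link-local device addresses.
    device = ipaddress.ip_address(plan["vpn_device_ip"])
    if device.is_loopback or device.is_link_local or any(device in n for n in RFC1918):
        problems.append(f"VPN device address {device} is not internet-accessible")
    return problems


if __name__ == "__main__":
    print(check_plan(BAD_PLAN))
```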
And there’s more…
You can also take advantage of the new offerings like Web Sites and SQL Databases, and these will also be available in ‘Windows Azure Services for Windows Server’, but since this blog is mainly focusing on cloud computing and infrastructure, they will not be covered in this blog post.