Microsoft has put the development of new services running on Windows Azure in a fast pace. Time to give some high level information on the latest Windows Azure feature named Virtual Machines.
Windows Azure is run in Microsoft owned and operated datacenters located in several regions worldwide. At the time of writing there are no other Cloud Service Providers running this Azure service unlike the VMware vCloud Datacenter Provider program.
When using Azure features the cloud consumer will have a contract with Microsoft. Being an USA company this means data stored in Azure is subject to the Patriot Act.
China might be the first country in which Windows Azure is licensed to another provider. In this post at CRN.com is written that China provider 21Vianet will be offering Azure in China located datacenters. 21Vianet bills itself as the largest carrier-neutral Internet data center services provider in China. Microsoft Office365 will also be offered by 21Vianet.
Development of Azure
Initially Azure was a Platform as a Service (Paas) only cloud offer. It was generally available in February 2010. Software developers could develop and run applications on it. The operating system, storage, networking was totally hidden.
However the fact that the operating system could not be selected limited customers into migration of applications to Azure. They had to rewrite applications.
Microsoft decided Azure needed an additional service which enables Infrastructure as a Service (IaaS). In this model the Windows Azure customer also has control over operating system, storage and networking. Here came the Infrastructure as a Service offer by Windows Azure which was introduced at 7 June 2012 at the Meet Windows Azure event. The feature is named Windows Azure Virtual Machines (WAVM)
Basically it enables customers to use their own platform of choice to run applications on. Applications can be moved in and out Azure. By enabling VHD import and export customers are not locked-in into Azure.
The Virtual Machine feature offers persistent storage for its local disks. This means all the data located on the drives are kept after a reboot or failure of the VM or host. In the past when a VM or host crashed it lost all of its local stored data.
Windows Azure Virtual Machines provisioning
Customers are able to create virtual machines based on templates offered in the Azure catalog or are able to upload self created images in VHD format. Images are available for Windows Server 2008 R2, Windows Server 2012, OpenLogic CentOS 6.2 , SUSE Linux Enterprise Server, Ubuntu Server 12.04 and openSUSE 12.1
Virtual machines can be created manually using a wizard or automated using PowerShell scripts.
If a customer wants to use its own VHD file this can be uploaded from the own infrastructure to Azure using CSUpload. It allows you to upload VHDs as data disks or bootable OS disks. CSUpload.exe is part of the Windows Azure 1.7 SDK
Virtul Machines are available in 5 sizes: extra small, small, medium, large and extra large. See the specifications in the slide below.
Each persistent data disk can be up to 1 TB. Maximum 16 disks can be stripped by the operating system running in the guest to make a large disk
Virtual Machines can be accessed using Internet Explorer (I tried Firefox but ran into some issues) to log in to the Azure Management Portal. This portal allows to create new virtual machines, stop VMs, start VMs, remove VMs, clone, edit specifications, add a disk and some other tasks. Access is done using a Windows Live account.
If both a private cloud managed by System Center 2012 and Azure is used, both can be managed using System Center App Control. This console allows an overview of both private and Azure public cloud. When SP1 is released also public clouds hosted by other providers can be connected.
In SP1 it will also be possible to move or copy VHD files from System Center Virtual Machine Manager to Azure. Currently this has to be performed using a command shell executable.
Also VMs can be migrated to Azure, although not using Live Migration. A VM will be adjusted to fit as close as possible to one of the 5 VM sizes available in Azure (small, medium etc)
Virtual machines can be created standalone or part of a cloud service. Cloud services is a set of virtual machines are located in two fault domains. A fault domain is a set of single point of failures. A rack, a server or a Top of Rack router (TOR). If a TOR router fails, all servers in a rack fail. Windows Azure will make sure a VM part of a cloud services are running in separate fault domains.
An update domain represents a group of resources that are updated together. So updates will be done in small slices to prevent all servers having issues after an update or all services going down for a reboot.
Virtual machines running on Azure cannot be live migrated from one host to another for loadbalancing or planned maitenance. If a host needs maintenance the VM will need to be shut down. This is reflected in the SLA.
Virtual Machine Availablity Set
Windows Azure has a feature to make applications high available. This is the availability set. The availabilty set basicaly makes sure members (virtual machines with the same role, like webservers) never run on the same physical host in the same rack.Kind of an anti-affinity rule we know of for Hyper-V. More on this Windows Azure blog.
Data of Windows Azure Virtual Machines is written at three different places in the datacenter. The data is also replicated to another datacenter.
You will find the name Blobstorage often in Azure documentation. Blob stand for Binary Large Objects. It is a service for storing large amounts of unstructured data that can be accessed from anywhere in the world via HTTP or HTTPS. A single blob can be hundreds of gigabytes in size, and a single storage account can contain up to 100TB of blobs. A virtual disk file of a VM is stored ad Page Blobs in Blob storage. This makes the data persistant.
For connectivity between the own on-premises network and the Azure network a site to site VPN connection needs to be created. This can simply be done using the Azure Management Portal. First a network needs to be defined. This has a virtual network which is created for the Azure cloud, then a local network on-premises. Then a config script can be downloaded to configure the VPN device on-premises. This script will support the devices shown in the slide below .A video explaining the setup of the site to site virtual network can be downloaded here.
Azure Supported VPN devices site to site network
Service Level Agreement
For the Virtual Machine service Microsoft has a 99,9% uptime SLA for VMs which are running as a single instance. For VMs running in an availability set Azure promises a > 99,95 % uptime SLA.
Active Directory integration
Servers running in the Windows Azure cloud can be joined to the same Active Directory domain your are running on-premises. The VPN site to site connection does the connection. The Azure VMs are just another AD site.
Remote access to one of the virtual machines using RDP or SSH(For Linux) is possible in windows Azure using port forwarding. Each virtual machine gets a unique public port number. This port combined with the public facing IP-address of your azure cloud can be used to directly access a VM.
The price of using Azure Virtual Machines is based on:
-the specs of the VM used
-the storage usage
-if the storage is replicated or not to another region
-number of disk transactions
-data transfer going out the Azure datacenter (incoming is free)
-duration of the VPN site to site connection
See for more details and a calculation the Azure website.
The Windows licenses for the Windows VMs running in Windows Azure are included in the price. Per type of VMs a different price per hour is charged. The higher the specs, the higher the price. It does not matter if the VM is on or off. Even a switched off VM needs to be paid. Besides that, the storage usage is charged seperately. Also the usage of the VPN connection is charged per hour.
The picture below shows that even when a VM is stopped, charging continues.
As an alternative to the Pay-as-you-go model two other payments are available: a 6-month or a 12-month commitment plan. This is based on a commitment of the consumer. A minimum duration of the usage of the Azure cloud service and a minumum consumption. The higher the commitment, the more discount is given by Microsoft.
A separate account portal allows the consumer to view the actual costs of Azure. It shows the various subscriptions, the billing period etc. Billing is done per month.
Enabling Hyper-V role on Azure Virtual Machines
Unfortunately it is not possible to enable the Hyper-V role on a Windows Server 2012 Virtual Machine in Azure. As expected an error is displayed saying Hyper-V cannot be installed. A hypervisor is already running.
Some more interesting links
Presentation at TechEd Australia
A cloudy Place
Mark Russinovich presentation on Azure Virtual Machines at TechEd 2012 USA