Microsoft Windows Azure review
By Tom Henderson and Brendan Allen | Network World US | Published: 14:20, 20 June 2011
Three main components of Azure are currently available: Windows Azure 2008/2008 R2 Server Edition Compute Services, Windows SQL Azure instances and storage facilities. These components are sewn together by Microsoft's AppFabric, an orchestration system that provides messaging, access control and a management portal.
However, none of the Windows Azure instances are currently capable of being controlled by Microsoft's System Center management system. They can't be touched by an organisation's Active Directory infrastructure today, only by beta pre-release features. Instance availability through mirroring or clustering is currently unavailable, too.
Overall, it's far too early to recommend Windows Azure. The architectural diagram looks very interesting, and while some pieces appeared ready in testing, big chunks of the Azure offerings aren't ready for enterprise use.
How we tested
We controlled our Microsoft-supplied Azure account from our laptops (MacBook Pros, sometimes running Windows 7 VMs) and through our network operations centre resources (numerous Dell, Tyan and HP servers, 10GB Extreme Switch, Compellent SAN, 100Mbps connection hosted at nFrame.com).
We used the Microsoft Web Platform Installer to install the Azure-related development environment on a Windows 7 VM. That environment includes SQL Server 2008 R2 Express, IIS7, Visual Studio 2010 Express, the Azure SDK and other components.
Then we proceeded to create a CGI Web Role using Visual Studio. We created a simple test PHP app connecting to the SQL Azure database to make sure we had it working correctly. We also had to get all the configuration settings correct in Visual Studio's config files.
Afterwards, we set up the WordPress blog to use SQL Azure as the database, and added a plugin, which used Azure Storage for uploaded images/files. We then found out how rebooting an instance causes local drive storage, where our WordPress pilot application was stored, to go away. Even application monitoring claimed the application was working despite the fact that the HTML was missing.
We also pushed the buttons and clicked AppFabric features, and learned Azure and SQL Azure navigation, provisioning and management components.
What you get today
Windows Azure provides production application support through Windows Azure 2008/2008 R2 Server Edition Compute services, Windows SQL Azure, and several forms of data storage. Customers can buy these services in graduated instance sizes, and deploy them into various geographies, and different Microsoft data centers within some of the geographies.
What's available today is a subset of the grander Windows Azure future architectural roadmap. Buying into the Azure vision may turn out to have great value in the future, and the pieces that are running today worked well, but they don't satisfy the wide number of use cases associated with IaaS or PaaS.
Another component of Microsoft's PaaS push is Azure Marketplace, where developers can buy, sell and share building blocks, templates and data sets, plus finished services and apps needed to build Azure platform apps. The DataMarket section's offerings are limited, while the apps section isn't commercially available yet.
Microsoft intends to expand the limited Azure Marketplace offerings with both community and marketed development tools, Azure-based SaaS third-party applications, and other business offerings. Ostensibly third parties will replicate and offer the Azure model to clientele from these and other sources.
Virtual machine roles
Windows Azure components are defined by roles, currently Web Roles and worker roles (based on IIS and .Net functionality), which can run against SQL Azure database instances. The deployed processes are managed through AppFabric, whose functionality exists inside the Azure resource pools as a management layer and messaging infrastructure.
Glaringly absent is the Virtual Machine Role. VM Roles are the commodity version of Azure Windows Server licences. We've seen them, but because they aren't available yet, extreme constraints are imposed on the current Azure platform.
Lack of a fully-loadable virtual machine capability means that Azure doesn't fit a number of use cases that have become associated with IaaS cloud services. For example, you can't upload your own VM, even if it's religiously bound by all Windows 2003/8 Server R2 constraints, and run it in Azure.
As a result, you can't currently use VM commodity-type services and use-cases found through Amazon EC2, Rackspace, Bluelock, your own internal cloud and other provisioning processes, most of which will digest your Windows 2003/8 R2 Server Edition applications and run them with glee.
Traditional licensing models currently imposed by Microsoft mean that there is no licence portability for the Windows server instances in Azure. They must be Azure-specific instances and licensed in that way. If you already have Windows 2008 instances, they're not portable into the Azure cloud.
Also, you can't take one of your current on-premises versions of Windows Server 2008, SQL Server or .Net into Azure as a Virtual Hard Disk/VHD-booted instance today. When the VM Role becomes available, Microsoft proposes hypervisor support for Windows 2003+ licence use on Windows Azure, where licence transfer via VM use in the IaaS model will likely be possible.
Microsoft has developed the Azure infrastructure fabric to be emulated and replicated by future managed services providers (MSP), likely at the point when both PaaS and IaaS become available. Microsoft's half dozen data centres will be the core development platform for Azure, but Windows Azure will be rented in a franchise-like fashion in the future, according to Microsoft product marketing spokespeople, much in the way that VMware has service providers renting vCenter.
The final portions of Azure are storage and content distribution (CDN). Windows Azure allowed us to store in the familiar folder (Drive C: style) or via an API which supports BLOBs (Binary Large Objects), tables and queues. Stored data doesn't even have to be in the same data centre or geography, although we found it's a great way to run up data transport costs when we did it accidentally.
We asked for access to the Azure Business Edition and SQL Server Business Edition. Whatever is done inside of the Azure Cloud is controlled by Microsoft's AppFabric, which will place an instance of a pre-determined/pre-selected size in one of its data centres, which are defined by region and specific data centres.
We could choose one of five instance types, ranging in cost from a nickel an hour to nearly a dollar an hour based on platform strength. Storage costs $0.15/GB/month plus a penny per 10,000 storage transactions.
Systems mirroring is currently not available within Azure, unlike Amazon Web Services (which recently and famously crashed despite availability constructs). Availability can be somewhat accomplished by setting the number of instances created in an application to two or more.
VMware-based IaaS services often offer mirroring or other availability services that don't currently exist, except as future clusters, inside of Azure. You'll also be charged for traffic between data centres, even within regions, we found, thus making long distance clustering and/or mirroring for safety quite expensive.
It's important to understand what's not production quality today, since we didn't test these features. These are beta or CTP:
- Virtual Machine Roles - uploadable VM payloads based on virtual hard disks (VHD); Hyper-V features are beta and CTP for eventual use in both IaaS and PaaS models
- Azure Connect - provides secure IP-level connectivity between Windows Azure and your enterprise; there are no current VPNs for public/private cloud constructs in production
- Azure Traffic Manager - load-balancing traffic management to multiple host environments with three qualities: performance, failover or round-robin balancing; this is an IaaS feature not currently seen often in PaaS models
- SQL Azure Reporting - which is both CTP and invitation-only
- Connectivity to Microsoft's SaaS BPOS services
- Federated identity options; Active Directory doesn't work today
- Public/Private interaction via the Windows Azure Appliance Platform works only for a few private customers, and is likely CTP
- Mirroring or cluster creation is unavailable
- Microsoft System Center modules don't really work because Active Directory federation isn't possible (among other reasons)
- Our current product licences aren't transferable - SQL Server, Windows 2008 R2, and .Net licences aren't usable on Azure, but might be after VHDs work. After all, on a VHD you can load what you want
- Developers and business partners can't use Microsoft Service Provider Licensing Agreements to cover Windows Azure use currently
- Local storage persistence is CTP - only BLOB storage is guaranteed to be persistent after an instance reboot. Drive C is only as good as the instance not rebooting, unless you unload its contents from a BLOB once the local NTFS drive has been initialised after a reboot
We tested Windows Azure by obtaining an Azure account. Once the account was in service, we chose an instance size, a role, then started to work testing the instance with Microsoft Visual Studio.
Eclipse, and a stunning number of third-party tools largely using REST communications, are used to talk to .Net functionality inside of an instance. The Windows Azure Server instance storage drives are NTFS volumes, made using page BLOBs as an NTFS-formatted Virtual Hard Drive.
SQL Azure databases can be connected and used by an Azure 2008 R2 instance, and SQL Azure instances are able to be communicated with via client-side APIs from an external source.
Azure instances are controlled through AppFabric, which is an Azure-resident cloud middleware API and messaging infrastructure, a service bus in Microsoft parlance. It's used for access control and instance setup, and it chooses how, given the choices we made, an instance would be hosted.
Eventually, AppFabric can be used to provide proposed access identity control between distributed and connected apps or potentially (beta alert) internal appliance-like applications. Storage/metadata caching services are also available from AppFabric, but these were not tested.
Windows Azure runs programs and stores data, and is used in the context of roles that are similar to how Windows Server thinks of roles. Today, using Microsoft's Visual Studio or development suites like Eclipse, you can develop code to run with an IIS web interface, or background Worker Roles which do not use IIS.
We tested Web and Worker Roles along with the SQL Azure Role using a Microsoft Developer Network blog-recommended implementation of WordPress blogging software into the Azure cloud. The process used a Web Role that accessed Azure storage and used SQL Azure, with the well-known WordPress blogging app.
We installed WordPress using Visual Studio Express to create our WordPress Website. After we created a Windows Azure Web Role as an Azure project, we had to add the PHP SQL Server library, the Azure PHP SDK, PHP and WordPress files all in the Visual Studio project. We reacquainted ourselves with the hell of configuration files.
All worked fine until an upgrade demanded a reboot of the instance. Then we discovered that NTFS local storage isn't guaranteed to be persistent, although Windows Azure Drives and BLOBs are. Indeed, because we'd mistakenly chosen NTFS local storage, our storage disappeared after we rebooted the instance.
The Azure Web Role WordPress application we used ran within a "medium" Windows Server 2008 instance with two cores at 1.6GHz, 3.5GB of RAM and 490GB of disk space. It costs $0.24 per hour for the instance (not including the SQL Azure costs, which vary per database from $9.95 to $499.95 per month).