New Azure services cross the cloud streams

jets cloud cross
Credit: lampertron via Flickr

An unusual blend of platform and infrastructure services.

Cloud has always been a nebulous term. It spans everything from the efficiencies of massive scale and automated management for doing the same things you can do on your own server, to building blocks for developing your own services that give you simplicity with the minimum of setup -- and often, the minimum of control. We've come to think of infrastructure as a service (Iaas), platform as a service (PaaS), and software as a service (SaaS) as very different flavors of cloud.

With Azure, Microsoft is blurring the lines between them.

With the latest features and services announced at TechEd today, Azure can serve several functions that are often considered quite different. It can be a test desktop in the cloud for developers that's billed by the minute. It can be a virtual data center you can fail over to, the place you both write and serve your web site from, a giant network share in the cloud, and the way you stream desktop apps to tablets. And you can do it all with services rather than complicated, fragile settings.

From PaaS to IaaS, and all points in between

When Microsoft first announced Azure, it was far more of a pure platform cloud: It had its own database that wasn't SQL Server and instead of running a web server on a virtual machine you used a web role to serve your site.

"We started with the full PaaS model but what that did was cut off options for people," points out Azure Technical Fellow Mark Russinovich, "and we want to make sure people have the full spectrum of options."

At the time, customers were more interested in treating Azure as a giant data center in the cloud and Microsoft added more infrastructure services. Those have certainly been successful. IaaS usage on Azure was up to 20% of the service a month after it launched and is currently doubling every six months, with the four most common workloads being classic server workloads -- SQL Server, SharePoint, Oracle, and BizTalk Server.

Azure keeps on getting new features to make it more useful for infrastructure, including the ExpressRoute MPLS connections Microsoft offers through partners like AT&T, BT Verizon, Equinix and Level 3; more powerful virtual machines with more cores, memory, and network bandwidth; and new load balancing features that are ideal for SharePoint farms. If you want more control and more custom code than SharePoint Online gives you, Microsoft wants Azure to be the ideal place for you to get that.

But Azure is also offering more services that blur the lines between PaaS and IaaS in an attempt to combine the simplicity of PaaS with the rich but usually complex approach of IaaS.

At the end of 2013 Microsoft quietly added an agent to all virtual machines that allows it to offer services that work with them; that's what let you manage Azure VMs with Puppet and Chef without remoting in individually to add tools, and it's what lets those tools -- or your custom scripts -- to reach into running VMs and control them. Soon you'll be able to control a VM by typing PowerShell in the Azure portal -- again without ever remoting in to it. You can inject Visual Studio or the new anti-malware tools into VMs through the agent, or use it to control a VM you created directly from Visual Studio. Russinovich calls it a "blending of IaaS and PaaS that we're on a journey towards, so that customers can augment their IaaS software."

There are new services that make it easy to point at Azure by IP address. VIP Reservation means that the virtual IP address you get for Azure services won't change if you take advantage of the flexibility of the cloud by making changes like moving to a different region or removing and redeploying services. You know what the IP address is going to be and that won't change, so you can whitelist it, and you can combine that with instance-level public IP addresses that mean you can just connect to all the ports of a VM, even if you're using load balancing. That's handy for server-level features like passive FTP, but it also means you can point third-party health monitoring services at your VMs in the cloud. What sounds like low-level networking actually allows you to go from platform services to infrastructure and back without having to do the kind of manual configuration that slows down traditional IT.

New file storage and RemoteApp services

Two new services blur the lines even further.

Azure storage currently gives you either a blob or a whole disk, but neither is particularly convenient for sharing data between two VMs in Azure. What you want is a cloud drive for the cloud, and that's what the Azure File Service gives you. It's an SMB 2.1 compatible file store that you can access through a REST interface like any other cloud service, but you can also mount it as a drive in Windows or use it as a file share from your tablet. Think storage as a service.

It's one of those ideas that makes perfect sense in retrospect, but Microsoft's Andrew Edwards points out that "other clouds don't have this today; you can create VMs and file shares on other vendors as long as you're happy to manage your own file share. This is a platform as a service implementation of a file store. We manage it all for you."

Azure RemoteApp is a platform version of desktop as a service. Forget setting up your own data center for VDI or managing client visualization, or even sequencing applications to stream through App-V. You upload a server image with the applications you want to offer installed in it and Azure turns that into a gallery of applications users can stream on their iPad or Android tablet (as well as Windows 7 and 8, in time, Windows RT and Windows Phone 8.1 ... and maybe even in the browser).

Users install the RemoteApp from the app store for their device and get individual applications, not a whole Windows desktop to tap their way through. They can copy and paste, drag and drop, and even print locally.

You get to use Active Directory to choose who gets what applications using roles and groups, or you can do it cloud-style using Microsoft and organizational accounts, and any policies you've created for Remote Desktop sessions still apply. But what you see in Azure is the portal interface where you only have to pick the Azure region, the server image, the applications you want and the users who get them.

Part of the promise of Azure, says Microsoft's Corey Sanders, is that "the problems around management go away."

This blurring of platform and infrastructure tools means that you can have control where you want it without having to go back to hands-on management for everything. It's another kind of hybrid cloud that promises flexibility cloud services that stick to one model or the other may find hard to match.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies