Windows Azure and the Private Cloud
Windows Azure is the public cloud-computing platform for Microsoft. In various customer engagements, people have asked members of our team, "What is the 'private cloud' story for Microsoft?" And by extension, how will the Windows Azure platform and the private cloud work together? Hybrid solutions also span Windows Azure and on-premises resources. So it is also reasonable to assume that on-premises services could be a part of the private cloud. In this way, the line between the private and public may be crossed. In that case, what should a developer know about the private cloud in case one must develop services for it?
In brief, at this time, System Center 2012 and Windows Server 2008 R2 are the two primary pieces of the Microsoft private cloud story. Together, they allow IT professionals to deploy, monitor, and manage private and public cloud services in one place, using the same tools. Consolidating numerous functions into one toolset (System Center 2012) also enables system administrators to detect systemic risks or problems, and apply solutions comprehensively. Windows Server plays a part by offering numerous server roles that are used in private cloud solutions.
However, there is another story—for Windows Azure developers: Many of the architectural principles for the private cloud are similar (if not identical) to the principles for building Windows Azure applications. Applications that are designed to work well in the private cloud make for smoother deployment, monitoring, and management by using System Center 2012. And those same applications may also be deployed—in part or in whole—as Windows Azure applications. In fact, one of the most immediate benefits of System Center 2012 is its capacity to manage hybrid solutions: applications that span both on-premises and Windows Azure environments.
So understanding and assimilating good cloud practices now promises more efficiency as the cloud paradigm comes to fruition. Therefore, understanding private cloud architecture will have benefits in the future.
This paper lays out the argument for that statement.
“Cloud” and “Private Cloud” Defined
The National Institute of Standards and Technology (NIST) has formally defined cloud computing. The document can be found on the Special Publications page, titled “A NIST Definition of Cloud Computing SP800-145.” In brief, five traits characterize cloud computing:
Broad network access
For an overview of what these terms mean, consult the NIST document.
More importantly, the term “private cloud” is also defined in the paper as a deployment model. To quote:
"Private cloud. The cloud infrastructure is provisioned for exclusive use by a single organization composed of multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises."
A point to take away is that the “private” cloud is actually a part of the larger “cloud” definition. And it is possible to have more than one “cloud” deployed. For that reason, it is reasonable for an enterprise to manage private and public clouds together.
System Center 2012 adds two more values in defining the private cloud:
Control and customization. The ability for a system manager to specify various management conditions and behaviors.
Dedicated to the customer. This dedication is reflected in a new “IT as a Service” attitude, explained further below.
The Microsoft Private Cloud Resource Hub
Microsoft has expanded the NIST concepts into a set of principles, concepts, patterns, and a reference model, which form the foundation for building private cloud infrastructures. This content will be updated periodically over time, and can be found here:
The site contains a catalog of relevant topics, including an architecture overview, and a discussion of a reference architecture. For the first, see Overview of Private Cloud Architecture; for the second, see Reference Architecture for Private Cloud. There are also links to useful blogs, forums, and community sites.
The hub is primarily aimed at IT professionals. However, the material is useful for Windows Azure developers since the architecture guidance applies to all cloud application developers (not only private cloud). For example, developers can leverage the topic Private Cloud Infrastructure as a Service Monitoring and Manageable Applications. Further, public and private clouds that are built using the same principles provide the most flexibility and portability. Such applications can deploy to either the public or private cloud.
In fact, the convergence of many items will occur in the cloud space. For example, System Center 2012 manages public and private cloud applications and services and cloud-optimized tools. Thus, understanding and implementing the same principles for both private and public clouds saves time and effort.
Ready Made: Microsoft Private Cloud Fast Track
If you are looking to build a private cloud on a cloud-optimized system, explore the vendors offering Infrastructure-as-a-Service (IaaS) packages that use Microsoft technologies. For those offerings, see:
These appliances come preconfigured with hardware and software that incorporate best practices from both Microsoft and the hardware vendors. Further, these partners build systems using the architectural principles, concepts, and patterns.
The Components of the Private Cloud: Windows Server and System Center
The components of the private cloud from Microsoft are System Center 2012 and Windows Server 2008 R2. Here are brief descriptions of the cloud-relevant capabilities.
Windows Server 2008 R2
Applications built for the cloud can leverage services of other applications that run on Windows Server 2008 R2. To name a few:
Dynamics CRM and ERP
Thousands of Microsoft partner applications built for Windows Server
Hybrid Solutions and Hyper-V
The key enabler from Windows Server for private cloud implementations is Windows Server 2008 Hyper-V. Users can reap the "self-service" benefit by creating virtual machines as needed with System Center 2012. To integrate security in hybrid scenarios, Windows Server Active Directory Domain Services and Active Directory Federation Services can be used to enable single sign-on across private and public cloud applications.
For further details, please reference the websites for both Windows Server 2008 R2 Hyper-V and Active Directory technologies. For details about creating a single sign-on solution, see Single Sign-On from Active Directory to a Windows Azure Application Whitepaper.
System Center 2012
For a developer, a listing of the System Center 2012 components may not seem useful. However, note that System Center 2012 is used to manage the end results: applications. It is therefore of some use to understand its capabilities, and the direction of application management.
While all of the System Center 2012 components play a part in delivering private cloud functionality, there are a few key enablers. These components are used to manage applications—on private or public clouds—or hybrid applications that span both. These key enablers include the following.
Virtual Machine Manager
These key components are briefly described here.
IT as a Service
System Center changes the relationship between service consumers and IT professionals.
A “service consumer” is the owner of an application, the person in charge of its deployment. Deployment over an enterprise can be a complex operation. Currently, IT and service consumers must spend time to plan and coordinate a smooth roll-out.
With System Center 2012, the IT professional allocates and configures resources as requested by the service consumer. The service consumer then controls the service deployment with the App Controller. Once deployed, the service consumer can then monitor the service with the Operations Manager. In effect, System Center enables a developer or application owner to rethink the relationship as “IT as a Service.”
System Center 2012 App Controller
Use System Center 2012 App Controller to accomplish the following scenarios:
Connect to the Windows Azure Management Portal (but not how to obtain a subscription and key)
Create hosted services in Windows Azure
Deploy a hosted service
Scale in or out a deployed service
Upgrade a hosted service deployed to Windows Azure (using environment swap or in-place upgrade)
Assign a user to a role that has permissions to public cloud resources (delegate user access) for both read and read-write access
Change Windows Azure subscription properties (only the properties that App Controller owns: name, description, local certificate password)
For more information, see App Controller.
System Center 2012 Operations Manager
Operations Manager enables you to monitor services, devices, and operations for many computers in a single console. Operators can gain rapid insight into the state of the IT environment and the IT services running across different systems and workloads by using numerous views that show state, health, and performance information, as well as alerts generated for availability, performance, configuration and security situations. For more information, see Operations Manager.
System Center 2012 Orchestrator
Orchestrator is a workflow management solution for the data center. Orchestrator lets you automate the creation, monitoring, and deployment of resources in your environment. For more information, see Orchestrator.
System Center 2012 Virtual Machine Manager
Virtual Machine Manager (VMM) is a management solution for the virtualized datacenter, enabling you to configure and manage your virtualization host, networking, and storage resources in order to create and deploy virtual machines and services to private clouds that you have created. For more information, see Virtual Machine Manager.
This topic covered a high-level summary of the “private cloud” story for Microsoft. As technology evolves and new products are realized, this topic will be updated. For the current day, our recommendation is to understand and implement good cloud architecture principles, which will pay great benefits in the future. Consult the Private Cloud Solution Hub site for the latest guidance, and to contribute to the evolution of best practices. Those principles and practices will be relevant to both private and public cloud projects of the future.