Windows Azure VMs go Live
Tuesday, April 16, 2013
I’ve been using Azure VMs since they launched as part of a public preview program last year at TechEd. Since then, I and members of my extended team have:
- Setup a Windows Server 2008 R2 Domain and migrated that domain to Server 2012
- Deployed numerous VMs running the a full compliment of SQL Server technologies
- Setup a continuous integration environment using Team City
- Setup numerous web servers to run development, staging and production workloads
- Deployed a production extranet site running on SharePoint 2013
- Deployed System Center Operations and Service Manager
We’ve learned a lot and have grown with the Azure Infrastructure as a Service platform over the past 9 months. Many improvements were made to Azure IaaS during that time along with a few bumps in the road.
Today, Azure VMs (Infrastructure as a Service) moved out of preview and into General Availability. I was pleasantly surprised to see not only has IaaS reached the GA milestone, which includes full support and an SLA, but there are also some new features and enhancements.
Scott Guthrie has a detailed write-up of the announcement on his blog, along with an in depth review of Azure VMs, so I’m just going to cover the new features announced today.
During the preview period, Azure VM’s were offered at a discounted rate with the understanding that once GA hit, the price would be closely aligned with the Platform as a Service compute service pricing ($0.12/hr for a small instance). Turns out Microsoft was feeling generous, and not only is preview pricing being extended thru May 31st ($.07/hr for a small instance), but on June 1st, full retail pricing will only be **$0.09/hr*- for a small instance.
That’s not all, effective today, Cloud Service pricing has been reduced from $0.12/hr to **$0.08/hr*- retail. All Azure services can be purchased at a discounted rate starting at 20% and going up to 32% by committing to spend a certain dollar amount per month over a 6 or 12 month period. You’ll also want to head over to the pricing calculator as well as the VM pricing details page for all the details.
This is part of a new commitment by Microsoft announced today to match Amazon pricing for commodity services, which are compute, storage and bandwidth.
New VM Sizes
Prior to today, VMs came in the same sizes as Cloud Services (and Web Sites): XS, S, M, L and XL. Two new high memory instances were introduced today, along with new sizing terminology.
Price/hr as of 6/1
|Extra – Large (A4)
Noticeably absent from that chart is A5 which I am optimistically interpreting as a sign that more sizes are on the way.
This page provides more details on the configuration of the VMs, including the number of persistent disks a VM can have. This number ranges from 1 to 16. Even more interesting is a statement that each persistent disk will have a maximum of 500 IOps. In order to achieve greater then 500 IOps, you will need to spread your workload over multiple disks. An important note for SQL workloads, is that the data (mdf) and log (ldf) files should be on the same persistent disk to take advantage of storage account geo replication. There is no benefit to having the log file and data file separate like you would normally see on-premise.
Supported Server Products
While Azure VMs are just Hyper-V VMs hosted by Microsoft, and they’ve run everything I’ve thrown at them, the list of products officially supported by Microsoft for use in a public cloud environment was quite small. With today’s release, the list of supported products has grown, but I’m still looking forward to when almost everything is supported, and the published list is for a small set of legacy/outdated products which are not supported.
You can find the officially supported product list here. Noticeable adds include System Center, Team Foundation Server, Dynamics GP and Nav, and SharePoint. The Windows Server role list looks largely unchanged with Remote Desktop Services still absent.
Note: Most desktop software, such as Visual Studio, Microsoft Office and licenses provided via MSDN, are not authorized for use in any public ****cloud environment, including Azure and Amazon EC2. Hopefully Microsoft corrects this licensing snafu sooner rather then later.
A few small improvements to provisioning were made available today. First, the size of the OS disk for platform images was increased to the maximum of 127GB (additional persistent data disks can be up to 1 TB in size), up from a paltry 30GB. You still should plan to leverage persistent data disks for your installs and data files. Data disks have more flexibility when it comes to disk caching options.
Second, you can customize the name of the administrator account. This makes it slightly harder to brute force attack a VM’s RDP session. I prefer to disallow the administrator from logging on via RDP, instead favoring a less privileged account.
Finally, remote Powershell is enabled, which will allow you to do additional configuration of your VM without having to log in to it. However, one of the last things you should probably do as part of your post provision configuration process is to block Remote Powershell from the internet to minimize your attack surface. If you have several VMs setup in a cloud service, or on a virtual network, you can use remote power shell on your private network.
I don’t believe that anyone expects Microsoft is going to stop working on IaaS with today’s launch. This is just the beginning. Windows Azure and IaaS will continue to evolve, adding features and functionality to make Windows Azure the best cloud platform available. They still have some gaps to close with respect to Amazon, but they’ve laid a pretty solid foundation to build upon going forward. Here is what I have on my wish list.
- Intra-Azure data center connectivity to support HA and DR scenarios with free or reduced bandwidth costs for traffic between those data centers
- Access to the geo-replicated storage account data
- Replication at the VM level between Azure data centers
- Windows Azure Active Directory to evolve to the point where I won’t have to run my own domain controllers for IaaS
- Eliminate barriers to cloud adoption
- Security (i.e. PCI compliance)