Microsoft Private Cloud Computing Available In Paperback

Last Sunday Wiley released the electronic version of Microsoft Private Cloud Computing in Amazon Kindle, and other formats such as iTunes.

Oddly enough, the paper version is usually released before the digital ones.  I know that sounds backwards but it has always been my experience.  I can confirm that the paper editions are actually available.  There seems to have been an issue with distribution so Amazon still don’t have stock but should have soon.


Post-TechEd North America 2012 Additions To My WS2012 Hyper-V Features List

A number of new Windows Server 2012 Hyper-V and related features were made public last week at TechEd NA 2012.  I have updated my list to include those features.

Microsoft Private Cloud Computing Book Is Available On Kindle

If you want to learn how to use System Center 2012 to build and manage the fabrics of your private cloud then you can go to Amazon and buy Microsoft Private Cloud Computing.  It’s available on Kindle now … even before any of the authors have seen the finished product :)

June 2012 Version of Windows Intune Goes Live Today

The new version of Windows Intune is going live today.  Intune is the cloud based user device management solution that bundles:

  • Windows 7 Enterprise: featuring DirectAccess (VPN without VPN client), BranchCache (WAN optimisation), BitLocker (disk encryption), and BitLocker-To-Go (USB device encryption).
  • Endpoint Protection: The only way to manage Endpoint Protection without using System Center 2012 Configuration Manager.

I say “user device management” because Intune now supports:

  • The expected PCs, slates, and laptops running XP SP3 or later
  • Windows Phone 7
  • iPhone
  • iPad
  • Android

And as reported at MMS, this includes side-loading apps onto Android and iOS.

A unified experience across all devices through:

  • Automatic discovery of mobile devices that access Exchange Server
  • User-centric views for device inventory
  • A single console (the Windows Intune administrator console) to manage computers and mobile devices

The ability to help secure corporate data on mobile devices through:

  • Targeting Exchange ActiveSync policies to user groups. Policies include settings that let you set requirements for password length and encryption (if it is supported by the mobile device).
  • Setting device access rules by device family or model
  • Retiring and/or wiping lost, stolen, or otherwise compromised mobile devices.

The ability to make licensed internal line-of-business applications available for your users through:

  • Hosting and targeting licensed internal line-of-business applications to user groups
  • Self-service capabilities for your users, which enable them to download internal line-of-business applications to their mobile devices

Prerequisites for supporting mobile devices with Windows Intune are as follows:

  • An on-premises component to orchestrate communication between Exchange Server 2010 Service Pack 1 and later, and Windows Intune
  • A computer that has access to the Exchange environment. The computer must meet the following requirements:

  • The computer must run Windows Server 2008 Service Pack 2 (64-bit) or Windows Server 2008 R2.
  • .NET Framework 4.0 and PowerShell 2.0 must be installed on the computer.
  • The computer must be joined to the Exchange Server domain.
  • The computer must have Internet access.

There is a new company portal:

image

Windows Intune now uses the same Azure-based AD services as Office 365.  This includes the ability, by the looks of it, to synchronise with your on-premise AD.  Now your internal users can appear in Intune. 

You can read this getting started guide to … well … get started.


Meet Windows Azure Event Notes

I am live blogging so refresh for updates.  I’m not interested in the coder stuff so I’m only recording what’s of interest to me as an IT Pro.

VMs

He creates a persistent Windows VM where you can install anything you want that runs on Windows.  Then he creates a Ubuntu VM from a Mac, choosing the distro from a library.  The web console looks quite attractive and simple.

He can RDP into the Windows VM and SSH into the Linux VM.  You can mix PaaS and IaaS on Azure to create a service.

You can integrate with existing systems in your own data centre or another service provider via the new VPN capability.  When you create a network … you specify your own address space and it doesn’t clash with other tenants’ address spaces.  THIS IS NETWORK VIRTUALISATION from WS2012.  Creating the VPN looks easy … specify your local VPN and it’ll produce a script for you to run on your local endpoint.  Nice!  Give the person who thought of that a nice bonus.

VM Portability: VMs are using VHD.  You can upload a VM from your data centre to Azure without export/import.  You can also download a VHD to local without export/import.  This means you don’t have lock-in.  You can move to local private cloud or to other service providers.  Big plus over PaaS.

The VM persistent storage is triple replicated.  There are always two backup copies that can auto startup/connect if you get a bad disk.  Replication to another data centre (e.g. Dublin to Amsterdam) is available for geo fault tolerance.

Websites Hosting 

You can build and deploy websites using things like FTP or TFS.  It’s a shared multi tenant environment that can scale out to dedicated instances.  A web site is quickly created.  A web site connections profile is saved, allowing easy connection of Visual Studio.  Publish the project and a new website is uploaded, using the same type of persistent Azure storage as VMs.  A republish just uploads the changed files.  There are near real-time metrics of the site via monitoring.  You can customise this monitoring.  That was .NET.  Then he switches over to a Mac with a different run time platform, NodeJS or something.

Without writing code, he creates a site from templates: WordPress, etc are in there.  MySQL is supported on the backend.  Free MySQL instance with every Azure instance.  The template does all the setup/deployment work for you – you just have the final wizard to configure/secure it.

If the blog scales?  By default it’s in a multitenant instance.  You can fire up more processes in this instance.  You can also scale out to get reserved instances – basically dedicated VMs under the Azure hood.  Azure does all the load balancing stuff for you.  Nice way to transition from ultra basic to BIG.

I’ve just checked out the Web hosting plan.  Yes, you get 10 free web sites.  But that does not cover SQL Server space or network bandwidth – additional cost.  When I plugged in some numbers, my current 10 site hosting plan by a local company with excellent support is 1/3 cheaper.  I guess Azure will be good if you’re planning on scaling out your website.

And it went all dev after that.  That’s all folks.

What Do The New Windows Azure Services Mean to Us … and Hyper-V?

Azure, as it was previously, was a Platform-as-a-Service (PaaS), where developers could upload applications, run databases, and store data.  All that continues.  But there was no way to run virtual machines or websites like in traditional website or virtual private server (VPS) hosting.  PaaS on Azure looked very cool to developers with a lot of interesting back end services.  But the problem with PaaS is vendor lock-in.  You cannot take the application and move it to another hosting company like you can with a VM or a website; the code is written for Azure and its services.

Then a few years ago at the PDC conference, it was announced that virtual machine hosting was coming to Azure.  Surely this would give customers an atomic unit, a VM like we know in Hyper-V, that could be moved around?  Sort of.  The problem was that this proposed service would be stateless.  Reboot the VM and reset it back to its original state; data was stored on the other Azure services.  That’s not how we work with infrastructure so how could it be useful to us?

Then Mary Jo Foley reported many months ago that true stateful Infrastructure-as-a-Service (IaaS) was coming to Azure.  And yesterday, the details were announced by Microsoft.  They also released a document that gives a bit more detail on the new services:

Windows Azure Virtual Machines

You can take your normal Windows or Linux virtual machine workloads (Hyper-V compatible I guess), and run them in the public cloud (Azure).  These are persistent virtual machines, just like traditional VPS hosting.  The supported OSs at this point are:

  • Windows Server 2008 R2
  • Windows Server 2008 R2 with SQL Server 2012 Eval
  • Windows Server 2012 RC
  • Linux:
      • OpenSUSE 12.1
      • CentOS-6.2
      • Ubuntu 12.04
      • SUSE Linux Enterprise Server 11 SP2

That looks pretty similar to the supported OSs for Hyper-V, with the addition of OpenSUSE 12.1.  I wonder if that’s in Hyper-V’s future?

Windows Azure Virtual Network

Question: Can I create a Hybrid cloud where I run services on my private cloud (in my data centre) and in a public cloud (Azure), where my public cloud service is not open to the entire Internet audience. 

Answer: Yes.  You can set up a site-site VPN using Windows Azure Virtual Network.  To be honest, some of the clues to this have been around for quite a while.  Take a look at some of the MSFT slides for Windows Server 2012, especially around VPN.

This is interesting:

With Virtual Network, IT administrators can extend on-premises networks into the cloud with control over network topology, including configuration of IP addresses, routing tables and security policies.

Does that sound familiar?  Do you think that there’s a bigger vision here, with MSFT providing a unified solution for public and private cloud, including Windows Server 2012 and Windows Azure Services?  You should.

Windows Azure Web Sites

Some people just want space to host a website.  Something nice and simple.  That’s exactly how I run this blog; I have a simple account that allows me X websites, space, and traffic.  I then upload/install a web app in the space and away I go, talking shite for years on end :)

And when it comes to hosting, that’s the majority of what people want.  It’s enough of an online presence for the majority of businesses, more flexible than the alternative that MSFT offered: SharePoint in Office 365.  Welcome Windows Azure Web Sites:

…easily build and deploy websites with support for multiple frameworks and popular open source applications, including ASP.NET, PHP and Node.js. With just a few clicks, developers can take advantage of Windows Azure’s global scale without having to worry about operations, servers or infrastructure.

They go on:

It is easy to deploy existing sites, if they run on Internet Information Services (IIS) 7, or to build new sites, with a free offer of 10 websites upon signup, with the ability to scale up as needed with reserved instances.

Did I just read the word “free”?  Really?  What’s the catch?  Surely there is a catch?

This isn’t just for .NET and SQL Server either:

  • Multiple frameworks including ASP.NET, PHP and Node.js
  • Popular open source software apps including WordPress, Joomla!, Drupal, Umbraco and DotNetNuke
  • Windows Azure SQL Database and MySQL databases
  • Multiple types of developer tools and protocols including Visual Studio, Git, FTP, Visual Studio Team Foundation Services and Microsoft WebMatrix

Windows Azure Management Portal

The most difficult piece of hosting is not the web servers and it’s not the virtualisation layer.  The most difficult piece is the portal, or as it’s traditionally known in the hosting business, the control panel. 

… the new Windows Azure Management Portal provides an integrated management experience across Windows Azure workloads in a single, modern user experience and is accessible from various platforms and devices.

The Windows Azure Preview Portal supports the following services:

  • Cloud Services
  • Virtual Machines (Preview)
  • Web Sites (Preview)
  • Virtual Network (Preview)
  • SQL Database (formerly known as SQL Azure)
  • Storage

There are other Azure improvements in this announcement, so check out the aforementioned document to get the details.

Online Presentation

Microsoft is running an online presentation later today to launch these new services.  It is on at 9PM Irish/UK time (10PM CET), an unfortunate time of day to choose for such an event.  A 9am PST event would have been better, then being 5pm UK/Irish time and 6PM CET.

What Does All This Mean?

Nothing has been announced but we could speculate :)  At Build it was made clear that lots of lessons were learned from Azure to make Hyper-V better.  Network Virtualisation was pitched as a way to move VMs from the private cloud to a public cloud (exactly what Azure is) with minimal disruption.  So maybe you could move Hyper-V VMs right up there!  Could that be partly why we have Shared Nothing Live Migration?  That’s a bit of a stretch, because Live Migration does require bandwidth.

One of the sales pitches with Hyper-V Replica is virtual DR in the cloud.  Hmm, what if you could replicate VMs to Azure?  But don’t forget that there’s more to virtual DR than starting up your VMs.  Remember that users need a way to access the services, assuming that their PCs are burned down or under a flood too (see VDI or virtual RDS).

I think over the next 2 years we could see some very interesting ways for us to expand our infrastructure footprint into Azure, and in ways we might not be expecting … yet another reason to be considering Windows Server 2012 instead of the alternative.

What About Other Hosting Companies?

There are a few reasons that I chose to get out of the hosting business back in 2010.  One of the big ones was that I saw the writing on the wall.  The likes of HP, Dell, Amazon, and Microsoft are too big to compete with on a large scale.  Yes, there are lots of customers who will want the bespoke services that a boutique and local hosting company can offer, but there aren’t that many of them.  And the year 2012 reminds me of the year 2001: everyone with a modem is launching a cloud (hosting) company.  Not many of them will be around in 2014, and very few of those extinctions will be because of acquisition (the good way to go out of business).

Hosting companies that are Microsoft partners might feel like their partner relationship is strained this morning.  MSFT can be cheaper and out market you just by their pure scale.  Service innovation will be the key.  Do it better.  Give a more human service where there’s an account manager and the helpdesk is more responsive.  Offer engineering and customisation services (consulting).  Don’t sell space … because this is a commodity market and the big guy always wins.  At least, that’s what I think.

Updated – The Windows Server 2012 New Hyper-V Features List

I have updated and expanded the list of new features in Windows Server 2012 (previously Windows Server “8”) Hyper-V and related technologies.  The list is huge and changing, and I’m sure to have missed some things out.

Microsoft Private Cloud Computing Book Nearing The Stores

I just saw this tweet by Damian Flynn, regarding the book Microsoft Private Cloud Computing (Sybex, 2012):

#MsftPrivateCloud And it is done, that final edits have being submitted and the printer takes ownership tomorrow!

Hans, Patrick and Damian did an incredible amount of work on this book.  In fact, Damian went the extra mile *twice* (or was it three times? :)) to make sure the reader got the very best and latest information on this solution (it’s hard writing a book on something before it RTMs).  Gentlemen, I salute you!

Amazon has a date of July 3rd posted.  That’s not always accurate.  And yes, there will be ebook versions, such as Kindle.  Don’t ask me when – you’ll know before I do.

Why Hyper-V Fixed VHD Creation Takes “So Long” – Preventing A Genuine Security Risk

Every now and then I hear someone complaining about how long it takes to create a fixed VHD/VHDX.  There’s a very good reason, as this story on NetworkWorld shows:

A forensic IT study by a U.K. security consultancy found that some multi-tenant public cloud providers have "dirty disks" that are not fully wiped clean after each use by a customer, leaving potentially sensitive data exposed to other users.

FYI, AFAIK most of the mentioned companies are using some variant of Xen or vSphere.  The issue here is that Customer A buys a VM and uses it to store data in a virtual disk.  That virtual disk is a file that is stored on physical disk.  Customer A eventually decommissions the VM or their storage is relocated.  Now think about what a delete really is; it’s not a secure delete.  Deleting a file simply removes the entries from the file system table.  The 1’s and 0’s are still there, waiting to be read.

Now along comes Hacker B who buys a VM and deploys it.  Their VHD is placed over the same location of physical disk as Customer A’s old VM.  Without any security measures, Hacker B can simply run a disk scan tool, from within their VM, and find those 1’s and 0’s, pretty much doing some disk forensics to restore the “deleted” data that Customer A previously stored in their VM.  And that’s exactly what that study found was possible with a number of public cloud providers:

… Rackspace and VSP.net had the vulnerability.

The Microsoft developers of VHD/VHDX were aware of this and took measures to prevent it.  When you create a VHD/VHDX, the creation process securely wipes the contents of the file as it is created.  This prevents access to data that was previously on the underlying physical disk.  Disk forensics will get you nowhere.

A number of 3rd party tools are out there to instantly create fixed VHDs but they fail to implement this secure wipe so the process can be speeded up, thus putting the hosting company at risk of this threat.  In this case, it is a matter of balancing a genuine security risk (especially in a public cloud) versus performance (of deploying new virtual machine storage while the customer watches a progress bar on a web portal).

The story continues to report that the mentioned affected hosting companies resolved the issue after they were informed.
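The trade-off described above, as an added example that is not from the original post or from Hyper-V: a toy Python model in which a bytearray stands in for the physical disk and block extents stand in for fixed virtual disk files. `BlockStore`, `residual_bytes`, `provision_after_previous_tenant` and the sample record are constructed for illustration.

```python
"""Zero-on-allocate versus fast allocate on a shared block store (toy model)."""

BLOCK = 512  # bytes per block in this model


class BlockStore:
    def __init__(self, blocks):
        self.disk = bytearray(blocks * BLOCK)   # the shared physical disk
        self.free = list(range(blocks))         # free block numbers, lowest first

    def allocate(self, blocks, zero_fill):
        """Reserve blocks for a new fixed virtual disk.

        zero_fill=True is the slow, safe path: every block is overwritten
        before the extent is handed to the new owner.
        """
        if blocks > len(self.free):
            raise ValueError("not enough free blocks")
        extent, self.free = self.free[:blocks], self.free[blocks:]
        if zero_fill:
            for b in extent:
                self.disk[b * BLOCK:(b + 1) * BLOCK] = bytes(BLOCK)
        return extent

    def write(self, extent, offset, data):
        """Write data at a byte offset inside a virtual disk."""
        for i, byte in enumerate(data):
            pos = offset + i
            block = extent[pos // BLOCK]
            self.disk[block * BLOCK + pos % BLOCK] = byte

    def read(self, extent):
        """Return the full contents of a virtual disk."""
        return b"".join(
            bytes(self.disk[b * BLOCK:(b + 1) * BLOCK]) for b in extent
        )

    def delete(self, extent):
        """Ordinary delete: release the blocks, leave their contents in place."""
        self.free = sorted(self.free + extent)


def residual_bytes(store, extent):
    """Provisioning audit: count non-zero bytes in a freshly allocated disk."""
    return sum(1 for byte in store.read(extent) if byte)


def provision_after_previous_tenant(zero_fill):
    """Create, use and delete one disk, then provision a second over it."""
    store = BlockStore(blocks=16)
    old = store.allocate(8, zero_fill=True)
    store.write(old, 100, b"CONSTRUCTED-SAMPLE-RECORD")  # constructed data
    store.delete(old)
    new = store.allocate(8, zero_fill=zero_fill)
    return residual_bytes(store, new)


if __name__ == "__main__":
    print("fast allocate, residual bytes:", provision_after_previous_tenant(False))
    print("zero-fill allocate, residual bytes:", provision_after_previous_tenant(True))
```

The same audit idea applies to a real provisioning pipeline: a disk handed to a new tenant should read back as all zeros before first use.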

MMS Keynote Day 1: Are You Ready For The Future, Now?

It opens with a movie trailer about the IT Pro, and up jumps Brad Anderson.

Continuous services and connected devices.  For every 600 phones, 1 server is stood up to support them.  It’s 100/1 for desktops.

This year, the number of virtual OS instances will be double the number of physical instances.  The industry needs to get better at managing these rapidly deploying virtual instances.  This is a shift beyond virtualisation to cloud computing.

Their cloud definition is:

  • Pooled resources
  • Self-service
  • Elastic
  • Usage-based

Similar to NIST definition.  Cloud is not defined by location, e.g. there is public, private, and hybrid cloud.  See chapter 1 of Microsoft Private Cloud Computing for more.  If there is 1 tenant, it is private.  If there is >1 tenant then it is a public cloud …. not strictly true on NIST definition, but close.

Drivers of cloud:

  • Economy
  • Flexibility
  • Scalability

No substitute for experience.  MSFT is the only company operating public and private cloud services for their customers.

The 4 common techs are:

  • Identity
  • Virtualisation
  • Management
  • Development

Rest of session is focusing on Private Cloud = Windows Server and System Center.  We get the announcement of GA for System Center …. 2 weeks after the actual GA.  Simplification was a big focus, from licensing, to deployment, to administration. 

100,000 servers were managed by the release candidate of System Center 2012.

Fast Track

Private Cloud configurations that are certified by MSFT, provided as out of the box solutions by the likes of HP.

Agile Resource Management

Vijay Tewari comes out to demo.  vSphere 4.0 and XenServer are managed by VMM 2012.  Multi-platform clouds.  He goes through the process of doing a bare metal Hyper-V deployment on some HP DL servers via iLO.  Funny video of Vijay going to Blue Man Group and swimming while his hosts build – automation takes care of the time consuming repetitive work.

Agile Service Level Delivery

Ryan O’Hara is on stage.  We get some smooth demos with Service Manager reaching into the rest of System Center to deploy a service, and then OpsMgr detecting a breach of SLA so it can scale out the service automatically via VMM service template.

Back to Brad.  System Center understands the environment thanks to partner extensions.  Application monitoring gives deep insight into J2EE and .Net apps to avoid the admin VS dev finger pointing when there is a problem.

Ryan demos an app breaching SLA in OpsMgr.  Then he goes into App Monitoring to diagnose where in the code the problem is.

Certification

The MCSE is back. Ugh!  Private cloud certification. 

Windows Server 2012

Here comes the announcement.  Want to learn more

Jeff Woolsey comes out.  He’s the head PM for Hyper-V.  This is a cloud platform release.  Lots of stuff that I previously blogged.  We see shared nothing live migration in VMM 2012 SP1.  There’s a problem in the demo … the memory LM takes waaay too long for a 2 GB RAM VM.  No one seems to notice.

Now we see network virtualisation where 2 VMs have the same IP on the same cloud, but are still routing.

App Controller

A new SP1 feature where you can integrate with any hoster that offers the service.  You can integrate your cloud with their private cloud and deploy services in their public cloud.

The Microsoft Private Cloud

  • All about the app
  • Cross platform from the metal up
  • Foundation for the future
  • Cloud on your terms

Winners lead, don’t follow.