In-Depth

New Migration Paths to the Microsoft Cloud

Will emerging developer tools and hybrid Platform as a Service features ramp up project and data deployments to Windows Azure?

Scott Guthrie, the former corporate vice president of the .NET Developer Platform, who's worked on ASP.NET since it was alpha code, will begin the toughest challenge of his career when he assumes control of the Azure Application Platform team, starting this month. The Windows Azure platform will face heightened scrutiny from Microsoft top management after a major reorganization of the company's Server and Tools Business (STB) group and the Developer Division, which is part of the STB. The re-org was announced internally in May.

Microsoft CEO Steve Ballmer -- along with some others on his leadership team -- appears to be disappointed in Windows Azure uptake by .NET developers during its first year of commercial availability. Gaining developer mindshare requires leveraging their current investment in .NET programming skills by minimizing application architecture and coding differences between traditional ASP.NET projects and Windows Azure Web Roles. Convincing developers and their IT managers to sign up for pay-per-use Windows

Azure subscriptions necessitates proof of quick and easy migration of existing ASP.NET Web apps from on-premises or traditionally hosted servers to Microsoft datacenters.

I'll describe the progress the Windows Azure team has made since Bob Muglia, the former head of the STB group, and Scott Guthrie announced a range of new tooling and services at the Microsoft Professional Developers Conference (PDC) in November.

Refresh with a Major Tools Upgrade
PDC10 marked a major upgrade to the Windows Azure SDK and Windows Azure Tools for Microsoft Visual Studio designated v1.3. A much-needed feature was a complete rework of the aging Windows Azure Developers Portal into a modular, Silverlight-enhanced dashboard for managing Windows Azure subscriptions, compute instances, storage resources, content delivery network (CDN), Windows Azure AppFabric Access Control and Service Bus, as well as SQL Azure databases (see Figure 1). The new portal streamlined setting up a new Windows Azure subscription to just a few steps.


[Click on image for larger view.]
Figure 1. Manage active Windows Azure and SQL Azure subscriptions with the current (May 2011) Windows Azure Portal v1.4. The new Windows Azure Portal of November 2010 replaced the original Windows Azure Developer Portal, which dated from the earliest Community Technology Previews (CTPs) in 2008. The new portal reduces the steps to add subscriptions, hosted compute services, Windows Azure storage, SQL Azure databases and other new features, which saves developers time and frustration. Only minor changes for new features resulted from the SDK v1.4 update in March 2011.

The beta version of the v1.3 Virtual Machine (VM) Role lets you host a custom base virtual hard disk (VHD) image of Windows Server 2008 R2 Standard or Enterprise Edition and, optionally, one or more differencing VHDs in Windows Azure. VM Roles enable developers to host existing server apps without modifying their application code, handle long-running setup processes, overcome installation errors or manually intervene in the installation process.

A Community Technology Preview (CTP) of Windows Azure Connect demonstrated setting up IPsec-protected virtual private networks (VPNs) between Windows Azure roles and endpoints in your on-premises network. Windows Azure Connect (formerly "Project Sydney") also lets developers administer and debug Windows Azure Web and Worker Role members. The Windows Azure Team announced three new features for the Windows Azure Connect CTP on May 5, 2011: Certificate-based endpoint activation for local machines to enable customers to leverage existing on-premises public key infrastructures (PKIs) to activate on-premises endpoints securely; multiple enhancements to the Admin UI, including a reorganized ribbon and additional display of endpoint version and support status; and an updated endpoint UI with more diagnostics checks. The team also added new relay locations in Europe and Asia that let customers in those regions choose a relay location closer to their datacenter.

Web Roles began life as Hosted Web Core (HWC) services that didn't run full IIS. For example, HWC restricted a Web Role to a single site. The Windows Azure SDK v1.3 enabled full IIS by adding a <sites> section to the ServiceDefinition.csdef files. Full IIS includes support for multiple sites or virtual applications and activation of WCF Data Services over non-HTTP transports through Windows Activation Services. This v1.3 section defines two Web sites -- a virtual application and a virtual directory:

<Sites>
  <Site name="Web">
    <VirtualApplication name="WebAppA" physicalDirectory="C:\Projects\WebAppA\" />
    <Bindings>
      <Binding name="HttpIn" endpointName="HttpIn" />
    </Bindings>
  </Site>
  <Site name="AnotherSite" physicalDirectory="C:\Projects\AnotherSite">
    <Bindings>
      <Binding hostHeader="anothersite.example.com" name="HttpIn"   
        endpointName="HttpIn"/>
    </Bindings>
  </Site>
</Sites>

According to a Dec. 2, 2010, announcement about the new hosting model for full IIS on the Windows Azure Team Blog:

Under HWC, both the RoleEntryPoint methods (e.g. the OnStart method of your WebRole class which derives from RoleEntryPoint) and the Web site itself run under the WaWebHost.exe process. However, with full IIS, the RoleEntryPoint runs under WaIISHost.exe, while the Web site runs under a normal IIS w3wp.exe process.

A new Elevated Privileges feature lets developers run part or all of their Web or Worker Role code with elevated administrator privileges. New startup tasks and an administrative mode enable silent Microsoft Installer (*.msi) execution, incorporating COM components, adding Registry keys and configuring Windows Server roles. The Windows Azure Team released a Windows Azure SDK v1.3 Refresh (v1.3.1) on Feb. 3, 2011. The Refresh corrected a problem with full IIS Web Roles that enabled Web clients to view -- but not change -- session state information in cookies.

Streamline Windows Azure Debugging
Debugging Web and Worker Roles and measuring their performance have been sticking points for .NET developers since the introduction of Windows Azure. Local memory of Windows Azure compute instances is ephemeral; all local data is lost in the event of a reboot or recovery from hardware failures. Therefore, developers had to add code and configuration entries to Windows Azure projects for storing logs in persistent tables and blobs. The Windows Azure SDK v1.3 release changed the configuration of Windows Azure Diagnostics (WAD) to a public module that developers import to a role. WAD v1.3 simplified setting up default diagnostics and eliminated the need to call DiagnosticsMonitor.Start to start the WAD service (see Listing 1 and Listing 2 in the code download accompanying this article). WAD v1.3 added the capability to substitute file-based configuration with IntelliSense by creating a diagnostics.wadcfg configuration file. An advantage of file-based configuration is that it starts diagnostics setup before Web or Worker Roles start, so diagnostics cover the entire lifecycle of the Role.

Writing code to read and analyze WAD tables and blobs wasn't a piece of cake, either. In October 2010, the System Center team eased the problem by releasing the Windows Azure Monitoring Management Pack for System Center Operations Manager (SCOM) 2007 to automate extracting diagnostic data from Windows Azure tables and blobs. In September 2010, Cerebrata Software Pvt. Ltd. introduced its Azure Diagnostics Manager (ADM) and offered a 30-day free trial. ADM is a Windows Presentation Foundation (WPF) client for managing WAD that lets you view, download and export WAD logs (see Figure 2).


[Click on image for larger view.]
Figure 2. Display Windows Azure diagnostics data in the Cerebrata Azure Diagnostics Manager. Cerebrata Pvt. Ltd. introduced its Azure Diagnostics Manager (ADM) in September 2010, just in time for use with the improved diagnostics features added by the Windows Azure SDK and Windows Azure Tools for Microsoft Visual Studio v1.3 in late November 2010. ADM offers graphic and tabular views of IIS Failed Request logs, Trace logs and Infrastructure logs, as well as an Event Viewer and Performance Counters display.

The v1.3 upgrade also introduced multiple service administrator LiveIDs for Windows Azure subscriptions, Remote Desktop Services to connect to Windows Azure instances, networking enhancements to restrict inter-role traffic and set up fixed ports on input endpoints, and a beta version of Extra Small Instances that costs just U.S. $0.05 per hour (U.S. $36 per month). PDC10 introduced the Windows Azure Marketplace DataMarket; the Marketplace team opened a Windows Azure apps section on Nov. 29, 2010, with 50 apps from 40 partners.

Microsoft Corporate VP Jason Zander, who heads the Visual Studio Team, announced beta 1 of Visual Studio LightSwitch -- a rapid application development framework for generating Model-View-ViewModel (MVVM) Silverlight apps -- on Aug. 3, 2010, at the Visual Studio Live! conference. .NET developers were surprised to learn they couldn't deploy LightSwitch apps to Windows Azure. Beta 2, which became publicly available with a Go Live license on March 17, 2011, enabled transparent deployment of browser and desktop apps to the cloud by selecting the Host Application Services using the Windows Azure option and clicking the Publish button.

Produce Reports from SQL Azure Databases
SQL Azure, which consists of cloud-based clusters of modified SQL Server 2008 R2 instances that replaced pre-release non-relational SQL Server Data Services (SSDS) and SQL Data Services (SDS), was hobbled by lack of support for SQL Server Reporting Services (SSRS). A PDC10 keynote reported the availability of a private beta of SSRS for SQL Azure, which enables scalable and highly available reports, and makes SQL

Azure much more attractive to database developers and enterprise users. SSRS for SQL Azure supports Business Intelligence Design Studio (BIDS) and a read-only version of Report Builder for deployment though BIDS.

On March 9, 2011, the Windows Azure Team released Windows Azure SDK v1.4, which added new features to Windows Azure Connect and the Windows Azure CDN. Fortunately, the SDK v1.4 didn't introduce any breaking changes to C# or Visual Basic code written for the SDK v1.3 and v1.3.1 instances. Connect gained multiple-administrator support on the portal's admin UI, an updated client UI with improved status notifications and diagnostic capabilities, and the ability to install the Windows Azure Connect client on non-English versions of Windows. The CDN received Windows

Azure CDN for Hosted Services, which lets developers use Web and VM Roles as "origins" for delivering highly scaled objects, as well as automatically edge-caching static content at locations throughout the United States, Europe, Asia, Australia and South America. CDN also gained a new management portal checkbox option to enable secure delivery of content with HTTPS.

Simplify Deployment with Server App-V
The Microsoft System Center Team announced on Dec. 22, 2010, a CTP of Microsoft Server Application Virtualization (Server App-V) and the Server Application Virtualization Packaging Tool. Kenon Owens, technical product manager of the Integrated Virtualization Team, described the technology as follows on the Microsoft System Center Team Blog:

Microsoft Server Application Virtualization builds on the technology used in client Application Virtualization, allowing for the separation of application configuration and state from the underlying operating system. This separation and packaging enables existing Windows applications, not specifically designed for Windows Azure, to be deployed on a Windows Azure Worker Role. We can do this in a way where the application state is maintained across reboots or movement of the Worker Role. This process allows existing, on-premises applications to be deployed directly onto Windows Azure, providing yet more flexibility in how organizations can take advantage of Microsoft's cloud capabilities.

Server App-V simplifies app deployment to Windows Azure or on-premises Windows Servers by converting traditional Windows Server apps into a "state-separated" X-copyable image file with the Server App-V sequencer, and deploying the image file to a Windows Azure Worker Role with the Server App-V Packaging Tool. If your server app connects to an on-premises SQL Server instance, Windows Azure Connect can link the SQL Server instance to the Worker Role. Server App-V doesn't replace Windows Azure VM Roles; Microsoft says the two approaches are "complementary."

Deploy Private and Hybrid Clouds
Microsoft Management Summit (MMS) 2011, held from March 21-25 in Las Vegas, offered a total of 28 breakout sessions in its "Cloud Management" track. The majority of these sessions dealt with on-premises "private cloud" topics, although many sessions also covered managing Windows Azure and SQL Azure instances and related topics, including Windows Azure Connect. The term "private cloud" is controversial because "cloud computing" ordinarily infers connections via the public Internet, while "private clouds" by definition are accessible only -- or at least primarily -- via the owning organization's private intranet. Both public and private clouds use server virtualization to provision multi-tenant, highly scalable and available computing and data storage services on-demand with pay-per-use billing or charge-backs.

The Windows Azure Platform Appliance (WAPA), which the Windows Azure Team announced last July at the Microsoft Worldwide Partner Conference 2010, is a private-cloud implementation of Window Azure for large enterprises with very large datacenter requirements. WAPA is intended to reduce fears of cloud-provider lock-in by enabling migration of all hosted data resources from Microsoft datacenters to the customer (owner). Hewlett-Packard Co., Dell Inc. and Fujitsu signed on to be the first WAPA marketers of a limited production deployment, and eBay Inc. intended to don pilgrim garb as the first user. An HP press release crowed: "This latest collaboration extends the $250 million Infrastructure-to-Application initiatives HP and Microsoft announced in January ..."

The System Center Team announced at MMS 2011 a System Center Virtual Machine Manager (VMM) 2012 beta version, and "Project Concero," a new System Center feature for managing apps across public and private clouds. A limited-functionality version of Concero will release to manufacturing in the second half of 2011, according to

Ananthanarayan Sundaran, marketing manager of the Microsoft cloud platform. Sundaran said the initial release will let admins move apps from one VMM cluster to another on a private cloud and from one Windows Azure subscription to another in the public cloud, as well as see apps that are running in both environments, from a single view.

However, the initial Concero release won't support moving applications between private and public clouds, and Microsoft hasn't said when this feature will ship. HP appears to have abandoned WAPA in its current plans for cloud services. A substantial number of recent Microsoft job openings posted for WAPA project and program managers, as well as software engineers, indicates the team is ramping up for release later this year.

Concero and a combination of System Center Configuration Manager, VMM or both will ultimately enable improved self-service provisioning of on-premises and Windows Azure computing and storage resources, including SQL Server 2008 R2, the next version of SQL Server code-named "Denali" and SQL Azure databases. The goal is to permit business managers and developers to allocate their own computing services without assistance from the IT department.

"Hybrid cloud" architecture -- which involves connecting public and private clouds with a VPN such as Windows Azure Connect -- is a topic of growing importance. Sundaran said the WAPA release will be the linchpin to enabling the hybrid cloud management feature in Concero. The appliance will let IT organizations purchase "Windows Azure in a box." This approach will make it easier to connect on-premises datacenters to the Windows Azure public cloud because both will have common compute fabric and storage architectures. Sundaran attributed the delay in shipping WAPA to difficulty in scaling the Windows Azure fabric architecture down from requiring a minimum of 900 servers to 200 or less. The smaller minimum server complement greatly expands the potential WAPA market.

Performance and Traffic
Scott Guthrie took advantage of the Microsoft MIX11 conference, which occurred April 12-14 at the Las Vegas Mandalay Bay hotel, to announce the production release of the Windows Azure AppFabric Caching service and Access Control Service (ACS) v2.0. The Caching service is a distributed, in-memory, application cache service that accelerates the performance of Windows Azure and SQL Azure apps by letting developers keep data in-memory, which eliminates the need to repeatedly retrieve that data from storage or databases. The Windows Azure Team derived AppFabric Caching from Windows Server Caching (formerly called "Velocity"), so it also supports caching ASP.NET SessionState and integrates easily with existing applications that use Velocity. The service uses ACS v2.0 for authentication.

ACS v2.0 delivers a single sign-on experience to applications by integrating with standards-based identity providers, including enterprise directories such as Active Directory and Web identities such as Windows Live ID, Google, Yahoo! and Facebook. ACS v2.0 also supports any identity provider that supports WS-Federation, such as Microsoft Active Directory Federation Services (AD FS). ACS v2.0 can convert the token retrieved from the identity provider into a SAML 1.1 or SAML 2.0 token or a Simple Web Token (SWT) that the target Web resource expects. ACS v2.0 also supports

WS-Trust, OAuth 2.0 and OAuth WRAP 0.9 protocols for both inbound token requests and issuing outbound tokens.

The Windows Azure Team also announced a Windows Azure Traffic Manager (WATM) private CTP at MIX11. WATM enables deployment of the same app to geographically dispersed datacenters to distribute workload between these datacenters by round robin, failover and performance-based load-balancing schemes. It directs end-user traffic to the nearest datacenter based on network proximity. WATM enhances application performance, availability, reliability and scalability. WATM is independent of the Windows Azure CDN infrastructure; it's meant for cloud application service delivery. In contrast, CDN infrastructure is meant for delivering content through edge nodes.

While WATM enables distributed, load-balanced traffic management, the app developer is still responsible for reconciling the transactional state data collected at multiple datacenters and replication of reference data from the single master source. Developers can use SQL Azure Data Sync v2.0 to replicate reference data and to aggregate transactional state. You can sign up for the WATM and SQL Azure Data Sync private CTPs at the new Windows Azure portal. (See "Table 1. Timeline of Advances in Migrating .NET Projects and SQL Server Databases to Windows Azure and SQL Azure" online for additional resources.)

Scott Guthrie will face serious challenges as he attempts to ramp up the number of paying customers for Windows Azure and SQL Azure. Fortunately, he'll have an arsenal of new features to ease migration of on-premises ASP.NET apps, WCF Data Services and SQL Server databases to highly scalable and available Windows Azure and SQL Azure services.

About the Author

Roger Jennings is an independent XML Web services and database developer and writer. His latest books include "Special Edition Using Microsoft Office Access 2007" (QUE Books, 2007) and "Expert One-on-One Visual Basic 2005 Database Programming" (WROX/Wiley, 2005). He’s also a VSM contributing editor and online columnist and manages the OakLeaf Systems blog. Jennings’ Code of Federal Regulations Web services won Microsoft’s 2002 .NET Best Horizontal Solution Award. Reach him at Roger_Jennings@compuserve.com.

comments powered by Disqus

Featured

Subscribe on YouTube