Microsoft Cloud OS: An Overview
In this article, we are going to introduce you to the concept of cloud computing (including public, private, and hybrid clouds). We’ll also discuss how Microsoft has engineered a cloud OS with Windows Server 2012 and System Center 2012 with Service Pack 1.
What Is a Cloud?
Microsoft made a big deal about taking us “beyond virtualization” with the release of Windows Server 2012. What that meant was they were bringing us to an era of cloud computing with a designed-for-purpose solution. Cloud computing isn’t just a marketing term, although many marketers misuse it.
Cloud computing has been driven by a change of attitude towards computing services. Traditionally, IT is a black box in the business, providing centralized or distributed services that are designed, engineered, and maintained by IT. The business sees IT as slow, inflexible, and unresponsive to threats and opportunities. Meanwhile, IT staff feel overwhelmed. Cloud computing requires one essential change in perspective. Those who are familiar with ITIL (Information Technology Infrastructure Library) or MOF (Microsoft Open Framework, a Microsoft-focused version of ITIL) understand that IT provides services to customers. That is exactly what cloud computing does, but those customers can be internal or external, and (cross-) charging for those services is optional.
(Image via Microsoft)
The American National Institute of Standards and Technology (NIST) wrote a definition of cloud computing that is widely accepted. There are several essential characteristics of a cloud:
- Self-service: The customer can deploy services for themselves via a portal. These services are deployed from IT engineered and managed templates. This makes the business more responsive to change, and relieves repetitive workload and stress from IT.
- Broad network access: The NIST definition is vague, referring to a variety of clients from many locations. However, this trait can be interpreted to include network connectivity and abstraction.
- Resource pooling: There is a centralization of compute resources and fabrics. This can allow for a multi-tenant infrastructure. A tenant is a consumer. For example, a hosting company might have many thousands of tenants (customers), or a university might have a few tenants (faculties).
- Rapid elasticity: It must be possible to quickly expand or shrink a service’s resources. This provides the business with the ability to grow or shrink based on demand of those services, and to control costs effectively.
- Measured service: The resource usage of deployed services should be measured. The data might be used for cross-charging for resource consumption.
Service Models of Cloud Computing
There are three service models of cloud computing. Each of these models must have the characteristics of a cloud:
- Software-as-a-Service (SaaS): A consumer uses a specially built multi-tenant application in SaaS. An example of this is Office 365.
- Platform-as-a-Service (PaaS): In this model, the consumer writes applications to run on a PaaS cloud. Examples of PaaS are Facebook (apps) and Azure Cloud Services.
- Infrastructure-as-a-Service (IaaS): An IaaS cloud allows consumers to deploy infrastructure for themselves, such as virtual machines. Amazon EC2 and Azure Infrastructure Services are examples of IaaS. This is where the Microsoft Cloud OS resides.
Deployment Models of Cloud Computing
There is a misconception that cloud computing means outsourcing. Certainly, there are some organizations whose existence depends on you believing that. Conversely, there are those who work in IT infrastructure that panic when they hear that their bosses are meeting with someone to talk about “the cloud.” In reality, there are four deployment models of a cloud. A service model can be deployed as any one of these deployment models.
- Public cloud: Often referred to as “the cloud,” this is a cloud that is owned by a service provider. The consumers of services are external customers. The cloud is owned by the service provider, and the external consumers pay for services that they consume over the Internet.
- Private cloud: This is a cloud that is dedicated to a single customer. It is still capable of being multi-tenant. In this case, the tenants are units within the single organization. Normally, a private cloud resides in a company-owned facility. There is a concept of a hosted private cloud, where the dedicated cloud is hosted and possibly managed by a hosting company.
- Hybrid cloud: This is a mixture of public and private clouds. In this model, the organization operates a private cloud. Sensitive or non-scaled services might be placed in the private cloud. However, there are links to allow the private cloud to expand into a public cloud infrastructure(s). This enables the business to place services into private, public, or both clouds, according to the needs of the elements of the services.
- Community cloud: This concept is one that might be adopted by close partners, such as universities that pool resources. This cloud is there to serve the needs of the partnering organizations. It might be owned by one, some, or all of the partners.
Once you understand what a cloud is, take a look at your virtualization (KVM, ESXi, Hyper-V, XenServer, etc.) and ask yourself, “Do I really have a cloud?” Virtualization is not a cloud – it is an enabler of the cloud. For example, templates can be deployed from a library. This enables rapid deployment and self-service, and potentially makes elasticity a realistic possibility under the right circumstances.
Microsoft’s Background in Cloud Computing
The term “cloud computing” is relatively new. The cloud didn’t start with Amazon or Salesforce. If you look at the traits and models of a cloud, you’ll quickly see that Microsoft (and many other companies too) has been in the cloud business for a long time without knowing it. Hotmail (now Outlook.com), Bing, MSN Messenger (now Skype), and hundreds of other services are public clouds (mainly of the SaaS variety). In recent years, Microsoft has deployed huge data centers around the world (operated by Microsoft Global Foundation Services) that host services such as Azure and Office 365. Deploying, managing, and owning these data centers has given Microsoft a huge opportunity to learn and innovate in ways that would have been otherwise impossible.
Microsoft could have kept those new infrastructural components to themselves, but instead, they have decided to release them as a part of their cloud OS. This means that Microsoft customers can deploy private and hybrid clouds with similar functionality to Azure Infrastructure Services. Microsoft partners are not left out: they too can offer hosted private, public and hybrid clouds to their customers that are on a par with Azure Infrastructure Services.
What Is the Cloud OS?
Microsoft’s Cloud OS allows you to build IaaS public, private, and hybrid clouds that have all of the generally accepted characteristics of a cloud. There are two components to the Cloud OS, which I’ll go into further in a moment.
- Windows Server 2012: Hyper-V provides the virtualization and networking functionality for IaaS.
- System Center 2012 with Service Pack 1 (SP1): This suite of hugely powerful enterprise management and automation products builds upon Windows Server 2012 to complete the package.
Windows Server 2012 Hyper-V
The list of new features and enhancements in Windows Server 2012 Hyper-V (let alone the rest of the OS) is staggering. A number of the features were designed for building the compute resources of a cloud, and some even started life in Windows Azure.
- Hyper-V Network Virtualization (HNV): In a public cloud, each tenant needs to be isolated. This has been done using VLANs, a solution that was originally intended to be used for breaking up broadcast domains and network subnets. VLANs are messy to own and have limited scalability (4096 VLANs). HNV, also referred to as Software Defined Networking, allows a cloud to operate a simple physical layer of provider (IP) addresses. Each tenant is assigned one or more virtual networks, called a VM Network, where their services operate using abstracted consumer (IP) addresses. VM Networks provide the tenant isolation that is a requirement in a cloud. A side effect of the abstraction of VM Networks is that they can have overlapping consumer addresses. This means many tenants can continue to use the commonly used 192.168.1.0/24 or 10.0.0.0 IP ranges when they deploy or move services into a cloud. This feature also makes it possible for companies to merge server infrastructures.
- Virtual Switch: The Virtual Network of the past has been replaced by an extensible Virtual Switch. Third-party ISVs can (and already have) build extensions to the functionality of the Hyper-V Virtual Switch. Already there are monitoring and security extensions, and companies such as Cisco and NEC have created so-called forwarding extensions to make the virtual switch manageable like a physical network appliance. This returns the complexity of virtual network management, which had fallen to virtualization engineers, to the network engineers who are best skilled to do this work. Other troubleshooting features have also been added, such as logging and port mirroring, to assist with network/service diagnostics without installing software in tenant VMs.
- Automation: Hyper-V underwent huge increases in scalability with the release of WS2012, which means that automated administration is more important. There are over 2,000 PowerShell cmdlets in WS2012, and over 160 of those are for Hyper-V alone. This enables automated administration, rapid changes at huge scales, and the achievement of repeatable results.
- Flexibility and mobility: Live Migration (the movement of virtual machines and/or their files with no downtime to service availability) leads the market. You can live migrate a virtual machine to different storage locations, between clustered hosts, between clusters, between non-clustered hosts, and between clustered hosts and non-clustered hosts. Other features leverage this, such as host maintenance mode and Cluster-Aware Updating (the orchestrated patching of clustered hosts).
- Storage: Microsoft continued their investment in traditional block storage such as Fibre Channel SANs. Host bus adapters (HBAs) in Hyper-V hosts can be virtualized and shared with virtual machines via virtual HBAs, and this is done with the support of Live Migration. TRIM and UNMAP are supported in virtual SCSI-attached VHDX files. Offloaded Data Transfer (ODX) enables near-instant VHD/X (even fixed-size) creation and deployment of virtual machine templates from one LUN to another. But the most interesting new feature is SMB 3.0, where Windows Server 2012 Hyper-V supports storing running virtual machines on a Windows Server 2012 file server. Don’t be prejudiced: SMB 3.0 storage might not offer enhanced features like LUN replication, but it offers the fastest and most economical storage available. Features such as SMB Multichannel (think of it as dynamic, auto-configuring MPIO for file server traffic) and SMB Direct (leveraging Remote Direct Memory Access, or RDMA) give really fast networking over 1 GbE and faster (iWARP, RoCE, and InfiniBand) networking. Continuous availability and scalability are offered through an active/active file server cluster for application data called a Scale-Out File Server.
- Networking: There are a huge number of new networking elements in Windows Server 2012 to improve performance, scalability, and manageability. Built-in NIC teaming and quality of service (QoS) allows us to create converged networks to simplify host networking. SR-IOV, RSS, and DVMQ improve performance and scalability.
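The HNV item above describes provider addresses, per-tenant VM Networks and overlapping consumer addresses. The following is an added illustration, not code from the article or from Microsoft: a small Python model of the per-host lookup policy (VirtualSubnetID + customer address mapped to a provider address) that shows why two tenants can both use 192.168.1.0/24 without seeing each other. All addresses, subnet IDs and VM names are constructed.

```python
"""Toy model of Hyper-V Network Virtualization (HNV) address mapping.

Constructed example: two tenants both use 192.168.1.0/24 as their customer
address (CA) space. The host keeps a lookup policy keyed by
(VirtualSubnetID, CA) -> ProviderAddress, so the overlap is harmless and
a packet can never resolve to a VM in another tenant's VM Network.
"""
from dataclasses import dataclass
from ipaddress import ip_address


@dataclass(frozen=True)
class LookupRecord:
    vsid: int       # VirtualSubnetID: identifies the tenant's VM Network
    ca: str         # customer address, what the tenant VM sees
    pa: str         # provider address of the Hyper-V host carrying the VM
    vm_name: str


# Constructed policy table; in WS2012 VMM pushes this to each host.
POLICY = [
    LookupRecord(5001, "192.168.1.10", "10.20.0.11", "TenantA-Web"),
    LookupRecord(5001, "192.168.1.20", "10.20.0.12", "TenantA-DB"),
    LookupRecord(5002, "192.168.1.10", "10.20.0.12", "TenantB-Web"),  # same CA as TenantA-Web
    LookupRecord(5002, "192.168.1.30", "10.20.0.12", "TenantB-App"),
]


def resolve(vsid, dst_ca):
    """Provider address for dst_ca inside VM Network vsid, or None if unknown."""
    for rec in POLICY:
        if rec.vsid == vsid and ip_address(rec.ca) == ip_address(dst_ca):
            return rec.pa
    return None


def forward(src, dst_ca):
    """Decide what the host does with a packet from VM `src` to dst_ca.

    ('encap', pa): encapsulate (NVGRE in WS2012 HNV) and send to another host's PA.
    ('local', pa): destination VM lives on the same host; deliver directly.
    ('drop', None): CA is not in this VM Network, so it is not reachable at all,
                    even if the same CA exists in another tenant's VM Network.
    """
    pa = resolve(src.vsid, dst_ca)
    if pa is None:
        return ("drop", None)
    if pa == src.pa:
        return ("local", pa)
    return ("encap", pa)


if __name__ == "__main__":
    web_a, web_b = POLICY[0], POLICY[2]
    print("TenantA-Web -> 192.168.1.20:", forward(web_a, "192.168.1.20"))
    print("TenantB-Web -> 192.168.1.20:", forward(web_b, "192.168.1.20"))  # dropped
    print("TenantB-Web -> 192.168.1.30:", forward(web_b, "192.168.1.30"))
```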
These are just some of the features of Windows Server 2012 that take Hyper-V beyond virtualization. There are many more ingredients: WS2012 brings a lot to the table on its own, but the cloud OS really comes to life when some of these features are lit up by System Center 2012 SP1.
System Center 2012 SP1
Prior to the release of System Center 2012, there were numerous independent System Center products that had some level of integration. Then came System Center 2012, a suite (that some consider a single product) made up of a deeply integrated set of components. Used separately, each tool brings a lot to the Cloud OS. When used together, System Center 2012 SP1 can revolutionize how a business consumes (or provides) cloud computing.
- Virtual Machine Manager (VMM/SCVMM): VMM is at the heart of the Cloud OS with Hyper-V. To those coming from vSphere, VMM is like vCenter, but it does much more. VMM provides the mechanism for deploying your hosts, configuring host networks and enabling HNV, and deploying – not only virtual machines, but also services made up of many elastic tiers, networks, storage, load balancers – all from a template that is IT-designed and managed. It should be noted that, like much of System Center, while VMM offers the most when used with Hyper-V, it can also deploy clouds, virtual machines, and services on vSphere and XenServer.
- App Controller: A key trait of the cloud is self-service. VMM enables self-service with self-service roles (featuring optional quotas and resource access control), but it requires a portal. App Controller offers a portal to the private cloud(s) managed by VMM. App Controller also offers an IT-managed portal to a company account with public clouds such as Azure or those provided by hosting companies. This allows tenants to deploy their services onto the cloud that best suits each service, giving the tenant access to private, public, and hybrid clouds through a single portal.
- Data Protection Manager (DPM): The most important thing that a service provider can do is secure a tenant’s data. Host security features such as BitLocker provide access security. Backup provides data availability by backing up virtual machines and data. Host-level backup policies can back up large collections of virtual machines, optionally leveraging the Volume Shadow Copy Service (VSS) compatible LUN snapshot functionality of supporting SANs. In-guest policies can back up guest operating systems and/or their data. A new feature is that data can be sent automatically to Windows Azure Online Backup for automated off-site storage.
- Configuration Manager (SCCM/ConfigMgr): ConfigMgr often gets forgotten in the Microsoft Cloud OS story – this is a mistake. ConfigMgr has the power to deliver patching, auditing, compliance control, and change control from a central point, and comes with an app store called the Application Catalog. This makes ConfigMgr much more than a client endpoint management solution.
- Endpoint Protection: The basics of security are covered too; Endpoint Protection moved from the more-or-less defunct Forefront product group to System Center, and provides anti-virus protection for your cloud.
- Operations Manager (SCOM/OpsMgr): Service providers must offer service level agreements (SLAs) to their customers, internal or external alike. There is much more to service availability than checking for a full disk, CPU utilization, or running a ping test. OpsMgr performs automatic deep discovery of resources with a multi-function agent. This automation is important in a cloud – the operators of the cloud usually have no clue what tenants are deploying, and therefore traditional IT-driven agent configuration cannot work. Operators and engineers get the deep level of monitoring that it takes to run a reliable service. In addition, services can be modeled and monitored both at the element level and from the client’s perspective (remote monitoring, even from Microsoft data centers around the world). This high-level view gives the tenant (and the business) the view that they want, and the SLA reporting that they need.
- Orchestrator (SCOrch): There are integrations throughout System Center, such as Performance and Resource Optimization (PRO) between OpsMgr and VMM. Integration Packs allow SCOrch to integrate all of System Center and other products (such as vSphere, Active Directory, Exchange, and so on) in deep ways using runbooks. A runbook is an automated implementation of some process, such as creating a user (user account, mailbox, emailing a password, etc). By itself, SCOrch gives operators a very powerful set of tools.
- Service Manager: This must be said: Service Manager is not a helpdesk product, although you can run a helpdesk from it. Service Manager is much more than a $90/year product. Think of this huge, business-centric product as a means of exposing the functions of IT through a request mechanism in the SharePoint-based Service Manager portal. Entire solutions, such as the Cloud Process Pack, glue together the Cloud OS. For example, a tenant can request a service through the portal. A runbook kicks off, maybe seeking the approval of the assigned budget owner. The components that make up the service are deployed on Hyper-V by VMM, including the VM networks for HNV. Monitoring of the service is enabled by deploying OpsMgr agents (leading to automated discovery and monitoring). DPM backup policies can be updated to include the new virtual machines and/or SQL databases. Finally, a notification can be sent out to the tenant to let them know that their new service is online. That’s an example of how a deeply integrated cloud OS operates.
There’s more to the Cloud OS!
Microsoft did not rest after the release of WS2012 and System Center 2012 SP1. Microsoft is not just offering a private cloud. A public cloud is offered in the form of Windows Azure. You can deploy your services on Azure Infrastructure-as-a-Service, and move your virtual machines (offline) to and from the public cloud. Hosting companies need not fear, as Windows Azure Services for Windows Server gives independent public cloud service providers the ability to deploy services based on Hyper-V and System Center using a portal that is almost identical to the one found on Azure. This new modular and customizable portal has proven so interesting that customers are even considering it as a competitor to the open source alternatives for private cloud (instead of App Controller), giving them all of the characteristics of a cloud in a tidy and scalable package.
Uniqueness of the Cloud OS
While there are companies that create a cloud designed from traditional virtualization-centric server (not service) management, and there are communities that build a cloud without deep integration into the virtualization, Microsoft has designed and built a complete cloud OS from the foundation of the infrastructure right through to the portal that the tenant is deploying their services through. Microsoft’s experience in managing public clouds in some of the largest data centers in the world gives them a unique perspective, and their history in delivering service-centric systems management has made their platform a natural choice for cloud computing. And true to form for the 2012 generation of products, you have options – there is no one right way to design and deploy a cloud.