What’s New in Azure Stack TP2

This article discusses the second technical preview release of Azure Stack, Microsoft’s on-premises version of Azure, which was released at Microsoft Ignite 2016 in Atlanta.

Hybrid Cloud Is More Than a VPN

Every Windows Server or cloud presentation that I’ve seen Microsoft do with customers in the room over the past 3 years has started with one message. Microsoft is producing hybrid cloud technology that allows you to choose where to run your workloads and store your data:

  • Locally, on-premises
  • With a Microsoft partner hosting company
  • In one of Microsoft’s clouds, such as Azure
  • A mixture of 2 or 3 of the above

This hybrid approach is unique to Microsoft among the “big 3” clouds. Companies such as Amazon and Google preach that the only place you should consider placing your workloads and data is in their clouds, otherwise you’re just old-fashioned and dumb — a message that is sadly reflected by some media types with little tech or industry savvy. Hybrid, for Amazon and Google, means that you have some sort of network connection from your private network to your deployment in the public cloud, where you run all of your services and store all of your data.

The cold hard reality is that businesses want choice. In my experience, a lot of customers do have a preference to deploy (public) cloud first, for example Office 365 or Azure. But there are times when that does not make sense. Consider a factory where a minute of downtime can cost millions of dollars — do you want your control systems to be running in a remote location? Sure, you can have multiple network connections to those services running in multiple public clouds, but a single digger down the road will quickly terminate access to both of those options.

Microsoft understands the needs of enterprise customers — it has grown up with those customers, with Windows Server starting as a place to run smaller tasks in small to mid-sized offices, and evolving into a data center server deployed by the thousands in large enterprise and government networks. Microsoft built Azure, its public IaaS and PaaS cloud, for these customers, and did so with the understanding that customers would want to be able to choose where to run their workloads and store their data, and be able to have a consistent experience across public, hosted, and private clouds.

We have always had a hybrid solution from Microsoft, but we’re closing in fast on the complete solution: Azure Stack is scheduled to be generally available in mid-2017.

What Is Azure Stack?

We can use the tired old line of “Azure in a box” that’s been thrown around since the release of (Windows) Azure Pack, a public/private cloud “skin” that sat on top of Windows Server 2012 R2 Hyper-V and System Center 2012 R2 Hyper-V. Azure Pack wasn’t really Azure; it just looked like the old Azure portal. But this all changed thanks to Azure Resource Manager (ARM).

Microsoft introduced ARM to replace Azure Service Management (ASM) as an API between the Azure Portal and the fabrics of Azure. When you do something in Azure, a set of instructions is sent to resource managers (such as Compute, Networking, and Storage).

Microsoft is bringing ARM to its new on-premises and hosted cloud solution, Azure Stack, which effectively means customers can deploy “Azure” themselves, directly on Windows Server 2016 and optionally with System Center (for infrastructure management). Customers will have a consistent experience between Azure and Azure Stack, with a common portal, common PowerShell cmdlets, and common hypervisor, networking, and storage.

Microsoft argues that this consistency is the true meaning of hybrid cloud — developers and operators have a common platform no matter where virtual machines, virtual networks, storage accounts or more are deployed, and a consistent experience when they do that deployment or migration. Microsoft’s hybrid cloud truly is more than just a site-to-site VPN or WAN connection, which you can also do with Azure.

Marketplace Syndication

An example of the truly hybrid and consistent cloud is Azure Marketplace syndication, discussed at Ignite 2016, which is coming to Azure Stack. A simple example of this syndication is how a private cloud administrator can save time. Instead of re-creating Windows Server images every month (with the latest updates), they can syndicate the images from the Azure Marketplace. The images are downloaded and made available to users of Azure Stack. Not only has the administrator saved time, but also the users are building applications on the exact same images that are used in Azure — that’s pretty useful if you do dev/test in the on-demand Azure and deploy production systems in the local Azure Stack cloud.

Additionally, it sounds like this syndication will allow third-party virtual machine images to be syndicated, meaning that you can get easy access to third-party software/appliances with a consistent deployment to Azure.

Technical Preview 2

Obviously, Azure Stack TP2 has a lot of bug fixes. There are also some feature improvements; a full listing of features can be found in Microsoft’s Azure Stack documentation, but I thought that I would mention some highlights.

  • iDNS: DNS can be the cause of a lot of issues in deployments. You might want to avoid deploying a full-blown DNS infrastructure and use iDNS instead. You can resolve external names, register internal virtual network names, and resolve VMs on the same virtual network by name. This has been in Azure, but is coming with Azure Stack and Windows Server 2016.
  • Virtual Network Gateway: Hosting companies will be able to allow private network connections into hosted customers via VPN.
  • User-defined routing: Azure virtual networks provide default routing rules, but you can override these, which is especially useful when using a network virtual appliance as a firewall.
  • Premium Storage API Support: You can offer Standard (HDD) or Premium (SSD) storage to tenants.
  • Resize virtual machine disks: Customer requirements will change over time, so they need to be able to increase or decrease the size of virtual hard disks.
  • Virtual machines with multiple vNICs: This isn’t important for normal workload machines in Azure, but having multiple NICs is important for network virtual appliances. For example, some third-party firewall virtual machines require a NIC for external communications and a NIC for internal communications.
  • Key Vault: This feature is something that I’ve yet to play with, but Key Vault allows developers and operators to store secrets (keys and passwords) in a secure manner.
  • Billing: Azure Stack has a set of billing and consumption APIs so you can charge (internal or external) customers for using your cloud. Partner companies will produce billing solutions, as happened with Azure Pack.