Lead Image © Mikko J. Pitkänen, Fotolia.com

Lead Image © Mikko J. Pitkänen, Fotolia.com

Private cloud with Microsoft Azure Stack

Premium Blend

Article from ADMIN 44/2018
By , By
Azure Stack is an Azure extension that implements an on-premises data center for consistent hybrid cloud deployments.

Up to now, services were mostly available online from a public cloud. Although Windows Server, System Center, and Windows Azure Pack are components for a hybrid cloud, setting up a private cloud required great know-how and effort – something that Microsoft certainly changes with Azure Stack.

Objectives

The virtualization layer plays only a minimal role in this first version of Azure Stack, so it is of interest to companies whose classic virtualization is based on a hypervisor other than Hyper-V. The added value of Azure Stack is found in the other layers and the cloud services it enables, for which virtualization is ultimately only a means to an end. In other words, infrastructure as a service (IaaS) should complete platform as a service (PaaS) and not serve as the primary solution.

Microsoft does not regard Azure Stack as a playground for customers with the urge to handle their own servers, but rather as a highly integrated solution with software and hardware components that are mostly hidden from admins and that have been defined, validated, and, above all, put through their paces by Microsoft and selected hardware manufacturers. This self-contained concept is designed to provide companies the greatest possible consistency with the Azure cloud model (Figure 1).

Figure 1: Azure Stack is software and hardware: The software is supplied by Microsoft Azure, and the hardware comes from six OEM partners.

The ecosystem for creating, managing, and using all Azure components should be the same across the different Azure environments. Azure Stack belongs to an Azure environment as well as Azure Public, Azure Government, Azure China, and Azure Germany. All users should have the same set of tools available for all landscapes, which should make it easier to switch between environments, especially from Azure Stack to Azure Public. Microsoft understands this as consistency in its cloud model: The deployment of virtual machines (VMs) or entire workloads looks the same no matter which Azure environment is addressed.

Delivery Specifications

Initially, Azure Stack is available from original equipment manufacturer (OEM) partners Cisco, Dell EMC, HPE, Huawei, and Lenovo. In the first version of July 2017, the available services are still manageable. Azure Stack could only be operated in one region and with a scale unit [1] that consisted of 4 to 12 physical servers provided by the above-mentioned OEM partners. Functionally, Azure Stack [2] offered the following with the general availability (GA) release:

  • IaaS: Azure Virtual Machines (A, D, and Dv2), Azure VM scale sets, Azure Storage (blobs, tables, queues), Azure networking (virtual networks, load balancer, VPN gateway), and Azure Key Vault.
  • PaaS: Azure App Service (Web Apps, Mobile Apps, API Apps), Azure Functions, MySQL, and SQL Server RP. In 2018, standalone Azure Service Fabric cluster (IaaS VMs) and Azure Container Service (ACS) engine support (Docker Swarm, Mesosphere DC/OS, Kubernetes container management templates) will be added.
  • Azure Identity: Azure Active Directory (AAD), multitenant support, and Active Directory Federation Services (ADFS) support.

The licensing of Azure Stack is similar to the licensing of Azure, wherein services are charged according to their use. The price is lower for Azure Stack, but you have to take into account the hardware and operation costs. Alternatively, you can license Azure Stack in full beforehand.

Availability is heavily dependent on OEMs who sell and deliver the solution. Where Azure Stack is not currently available, Microsoft intends to add the software and hardware packages later with the help of additional OEMs and thus achieve greater availability than the initial 46 countries worldwide.

What Azure Stack Is Not

Azure Stack is not a substitute for a private cloud or virtualization platform that administrators can customize and configure. As mentioned before, Microsoft delivers Azure Stack as an integrated system that is preconfigured and protected against external influences and changes for security reasons. Azure Stack's degree of customization is therefore narrow and limited to the workloads.

Therefore, although discussions about the Azure Stack architecture are informative, they not as important as in private cloud deployments. Azure Stack comes from all OEM partners in the same configuration – only the hardware components are specific to the manufacturer. This model is not very popular with many IT managers when it comes to setting up a local infrastructure that needs fine tuning, but only in this way can Microsoft ensure the alignment of Azure Stack with Azure and its continuous updates. Additionally, Azure Stack's delivery configuration protects against unsigned third-party code execution.

Despite the efforts for consistency, Azure Stack differs from the public Azure offering (Table 1), above all, in its available services, API version, functions, and scaling. For most companies, the cloud offers almost infinite resources, which pays off especially in scenarios with high-performance computing or machine learning, for which resources are only used – and thus paid – for a certain period of time.

Table 1

Azure/Azure Stack Features Compared

Feature Azure Azure Stack
Responsibility for operation Microsoft Customer/service provider
Support Microsoft Customer Support Services (CSS) CSS, with support from the OEM partner. The Azure Stack Development Kit (ASDK) is supported by the community; Microsoft does not provide any official support [3]
Infrastructure Microsoft Customer and OEM partner (including hardware life cycle)
Support duration Ongoing Current version and previous update
Costs Operating expense (Opex) Opex, capitol expense (Capex)
Azure service availability By Azure region [4] Selected subset of Azure services
Azure Resource Manager (ARM) endpoint https://management.azure.com Limited ASDK: https://management.local.azurestack.external
URL portal https://portal.azure.com Limited ASDK: https://portal.local.azurestack.external
Region Choice of 38 regions worldwide (as of summer 2017) [5] One region. In the limited ASDK, the region is always local
Resource groups A resource group can be defined across regions The ASDK supports only one region
Supported namespaces, resource types, and API versions The latest versions are always supported One specific version is supported for each service

The enormous elasticity of Azure's public offering, which can easily grow more than several hundreds or thousands of cores and shrink again hours later, is not yet provided by Azure Stack – on the basis of physical resources – even if these resources, with Azure Stack, would be idle after use.

Another fallacy is that all the new Windows Server 2016 features have been added to Azure Stack. Although the closed system is based on Windows Server 2016, Microsoft decided to maintain consistency before functionality: In Hyper-V, for example, "shielded VMs" are a very popular scenario for hosters, and not only from a security point of view. However, because Azure does not currently support shielded VMs, this feature is not available in Azure Stack for consistency reasons.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus